groove/audiobookshelf
1
0
Fork 0
mirror of https://github.com/advplyr/audiobookshelf.git synced 2026-03-03 22:49:42 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Require email_verified to be explicitly true when enforcement is enabled

Browse source 
Previously the check only rejected email_verified === false, allowing
logins when the claim was missing entirely. Since the admin opted in,
the IdP is expected to provide the claim.
This commit is contained in:
Denis Arnst 2026-02-05 19:56:58 +01:00
parent b3d63f4158
commit 49aeb2da19
No known key found for this signature in database
GPG key ID: D5866C58940197BF
2 changed files with 9 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

2
server/auth/OidcAuthStrategy.js
View file

@ -168,7 +168,7 @@ class OidcAuthStrategy {
}
// Enforce email_verified check on every login if configured
if (global.ServerSettings.authOpenIDRequireVerifiedEmail && userinfo.email_verified === false) {
if (global.ServerSettings.authOpenIDRequireVerifiedEmail && userinfo.email_verified !== true) {
throw new AuthError('Email is not verified', 401)
}