This repository has been archived by the owner on Jul 30, 2024. It is now read-only.
Added config option 'SECURITY_USER_ACTIVE_BY_DEFAULT' #760
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -9,7 +9,7 @@ | |
| :license: MIT, see LICENSE for more details. | ||
| """ | ||
|
|
||
| from .utils import get_identity_attributes, string_types, config_value | ||
|
|
||
|
|
||
| class Datastore(object): | ||
|
|
@@ -124,7 +124,7 @@ def _prepare_role_modify_args(self, user, role): | |
| return user, role | ||
|
|
||
| def _prepare_create_user_args(self, **kwargs): | ||
|
There was a problem hiding this comment. @eliaperantoni could we simply remove the line and rely on default in user defined datastore? There was a problem hiding this comment. By having this line here we're able to make users active or not by default but we can also override this setting for some particular users if needed. |
||
| kwargs.setdefault('active', config_value('USER_ACTIVE_BY_DEFAULT')) | ||
| roles = kwargs.get('roles', []) | ||
| for i, role in enumerate(roles): | ||
| rn = role.name if isinstance(role, self.role_model) else role | ||
|
|
||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you please move it close to
USER_IDENTITY_ATTRIBUTESoption?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Doesn't
USER_IDENTITY_ATTRIBUTESspecify what user attributes uniquely identify it?If so, I didn't meant this thing to be a user-specific attribute but rather an application-wise configuration that determines whether or not new users are active by default therefore being able to login without being reviewed. That's why I made
USER_ACTIVE_BY_DEFAULTa configuration value flask-security wise.Thing of this way: you can set
USER_ACTIVE_BY_DEFAULTto True and you'll have a standard registration, as soon as you register and confirm your email you can login.On the other hand, if you set
USER_ACTIVE_BY_DEFAULTto False, after you register you will have to wait for administrators to approve your account before being able to log in.It's basically designed for restricted-access websites.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It sounds good. I was a bit confused by the name. Can you add the documentation and consider changing the name to something around:
MANUAL_USER_ACTIVATIONRESTRICT_REGISTRATION...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure! Check out the new commit