Add setting to disable user email verification.

Jens Luedicke
2025-07-01 23:45:03 +02:00
parent c9ee69712d
commit 85847b5d39
3 changed files with 63 additions and 8 deletions

46
app.py

@@ -235,6 +235,16 @@ def init_system_settings():
) )
db.session.add(reg_setting) db.session.add(reg_setting)
db.session.commit() db.session.commit()
if not SystemSettings.query.filter_by(key='email_verification_required').first():
print("Adding email_verification_required system setting...")
email_setting = SystemSettings(
key='email_verification_required',
value='true',
description='Controls whether email verification is required for new user accounts'
)
db.session.add(email_setting)
db.session.commit()
def migrate_data(): def migrate_data():
"""Handle data migrations and setup""" """Handle data migrations and setup"""
@@ -350,6 +360,11 @@ def admin_required(f):
return f(*args, **kwargs) return f(*args, **kwargs)
return decorated_function return decorated_function
def get_system_setting(key, default='false'):
"""Helper function to get system setting value"""
setting = SystemSettings.query.filter_by(key=key).first()
return setting.value if setting else default
# Add this decorator function after your existing decorators # Add this decorator function after your existing decorators
def role_required(min_role): def role_required(min_role):
""" """
@@ -492,8 +507,7 @@ def logout():
@app.route('/register', methods=['GET', 'POST']) @app.route('/register', methods=['GET', 'POST'])
def register(): def register():
# Check if registration is enabled # Check if registration is enabled
reg_setting = SystemSettings.query.filter_by(key='registration_enabled').first() registration_enabled = get_system_setting('registration_enabled', 'true') == 'true'
registration_enabled = reg_setting and reg_setting.value == 'true'
if not registration_enabled: if not registration_enabled:
flash('Registration is currently disabled by the administrator.', 'error') flash('Registration is currently disabled by the administrator.', 'error')
@@ -524,6 +538,9 @@ def register():
try: try:
# Check if this is the first user account # Check if this is the first user account
is_first_user = User.query.count() == 0 is_first_user = User.query.count() == 0
# Check if email verification is required
email_verification_required = get_system_setting('email_verification_required', 'true') == 'true'
new_user = User(username=username, email=email, is_verified=False) new_user = User(username=username, email=email, is_verified=False)
new_user.set_password(password) new_user.set_password(password)
@@ -533,8 +550,11 @@ def register():
new_user.is_admin = True new_user.is_admin = True
new_user.role = Role.ADMIN new_user.role = Role.ADMIN
new_user.is_verified = True # Auto-verify first user new_user.is_verified = True # Auto-verify first user
elif not email_verification_required:
# If email verification is disabled, auto-verify new users
new_user.is_verified = True
# Generate verification token # Generate verification token (even if not needed, for consistency)
token = new_user.generate_verification_token() token = new_user.generate_verification_token()
db.session.add(new_user) db.session.add(new_user)
@@ -544,8 +564,12 @@ def register():
# First user gets admin privileges and is auto-verified # First user gets admin privileges and is auto-verified
logger.info(f"First user account created: {username} with admin privileges") logger.info(f"First user account created: {username} with admin privileges")
flash('Welcome! You are the first user and have been granted administrator privileges. You can now log in.', 'success') flash('Welcome! You are the first user and have been granted administrator privileges. You can now log in.', 'success')
elif not email_verification_required:
# Email verification is disabled, user can log in immediately
logger.info(f"User account created with auto-verification: {username}")
flash('Registration successful! You can now log in.', 'success')
else: else:
# Send verification email for regular users # Send verification email for regular users when verification is required
verification_url = url_for('verify_email', token=token, _external=True) verification_url = url_for('verify_email', token=token, _external=True)
msg = Message('Verify your TimeTrack account', recipients=[email]) msg = Message('Verify your TimeTrack account', recipients=[email])
msg.body = f'''Hello {username}, msg.body = f'''Hello {username},
@@ -1333,18 +1357,26 @@ def admin_settings():
if request.method == 'POST': if request.method == 'POST':
# Update registration setting # Update registration setting
registration_enabled = 'registration_enabled' in request.form registration_enabled = 'registration_enabled' in request.form
reg_setting = SystemSettings.query.filter_by(key='registration_enabled').first() reg_setting = SystemSettings.query.filter_by(key='registration_enabled').first()
if reg_setting: if reg_setting:
reg_setting.value = 'true' if registration_enabled else 'false' reg_setting.value = 'true' if registration_enabled else 'false'
db.session.commit()
flash('System settings updated successfully!', 'success') # Update email verification setting
email_verification_required = 'email_verification_required' in request.form
email_setting = SystemSettings.query.filter_by(key='email_verification_required').first()
if email_setting:
email_setting.value = 'true' if email_verification_required else 'false'
db.session.commit()
flash('System settings updated successfully!', 'success')
# Get current settings # Get current settings
settings = {} settings = {}
for setting in SystemSettings.query.all(): for setting in SystemSettings.query.all():
if setting.key == 'registration_enabled': if setting.key == 'registration_enabled':
settings['registration_enabled'] = setting.value == 'true' settings['registration_enabled'] = setting.value == 'true'
elif setting.key == 'email_verification_required':
settings['email_verification_required'] = setting.value == 'true'
return render_template('admin_settings.html', title='System Settings', settings=settings) return render_template('admin_settings.html', title='System Settings', settings=settings)
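Review bot: In the `register()` hunk at `-492,8 +507,7`, a missing `registration_enabled` row now leaves registration open, whereas the removed `reg_setting and reg_setting.value == 'true'` treated a missing row as disabled. `init_system_settings()` appears to seed the row, so this only matters where seeding has not run or the row was deleted; if closed-on-missing was intended, keep it with `registration_enabled = get_system_setting('registration_enabled', 'false') == 'true'`. Separately, the `admin_settings()` hunk changes a security-relevant setting without logging it; a line such as `logger.info(f"email_verification_required set to {email_setting.value}")` before the commit would leave an audit trail. Both functions continue outside the visible hunks.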


@@ -316,6 +316,19 @@ def init_system_settings():
db.session.add(reg_setting) db.session.add(reg_setting)
db.session.commit() db.session.commit()
print("Registration setting initialized to enabled") print("Registration setting initialized to enabled")
# Check if email_verification_required setting exists
email_verification_setting = SystemSettings.query.filter_by(key='email_verification_required').first()
if not email_verification_setting:
print("Adding email_verification_required system setting...")
email_verification_setting = SystemSettings(
key='email_verification_required',
value='true', # Default to enabled for security
description='Controls whether email verification is required for new user accounts'
)
db.session.add(email_verification_setting)
db.session.commit()
print("Email verification setting initialized to enabled")
if __name__ == "__main__": if __name__ == "__main__":
migrate_database() migrate_database()
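Review bot: The seeding block added here duplicates the one this commit adds to `init_system_settings()` in app.py, so the key name, the `'true'` default and the description now live in two places that must be kept in step. A single shared list of default settings that both seeders iterate would stop a later change to the default from landing in only one path. The function starts outside the hunk, so whether it already shares code with app.py cannot be seen from here.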


@@ -20,7 +20,17 @@
</p> </p>
</div> </div>
<!-- You can add more settings here in the future --> <div class="form-group">
<label class="checkbox-container">
<input type="checkbox" name="email_verification_required"
{% if settings.email_verification_required %}checked{% endif %}>
<span class="checkmark"></span>
Require Email Verification
</label>
<p class="setting-description">
When enabled, new users must verify their email address before accessing the application. When disabled, new users can log in immediately after registration.
</p>
</div>
</div> </div>
<div class="form-actions"> <div class="form-actions">