👔 Did not block unconfirmed user login, give them no permission instead

pkg/internal/http/api/auth_api.go

@@ -37,8 +37,6 @@ func doAuthenticate(c *fiber.Ctx) error {
 	user, err := services.LookupAccount(data.Username)
 	if err != nil {
 		return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("account was not found: %v", err.Error()))
-	} else if user.ConfirmedAt == nil {
-		return fiber.NewError(fiber.StatusForbidden, "account was not confirmed; check your inbox, there will be an email lead you confirm your registration")
 	} else if user.SuspendedAt != nil {
 		return fiber.NewError(fiber.StatusForbidden, "account was suspended")
 	}

pkg/internal/services/accounts.go

@@ -149,12 +149,8 @@ func CreateAccount(name, nick, email, password string) (models.Account, error) {
 
 	if err := database.C.Create(&user).Error; err != nil {
 		return user, err
-	} else if viper.GetInt("default_user_group") > 0 {
-		database.C.Create(&models.AccountGroupMember{
-			AccountID: user.ID,
-			GroupID:   uint(viper.GetInt("default_user_group")),
-		})
 	}
+	// Only gave user permission group after they confiremd the registeration
 
 	if tk, err := NewMagicToken(models.ConfirmMagicToken, &user, nil); err != nil {
 		return user, err
@@ -192,14 +188,17 @@ func ConfirmAccount(code string) error {
 func ForceConfirmAccount(user models.Account) error {
 	user.ConfirmedAt = lo.ToPtr(time.Now())
 
-	for k, v := range viper.GetStringMap("permissions.verified") {
-		if val, ok := user.PermNodes[k]; !ok {
-			user.PermNodes[k] = v
-		} else {
-			user.PermNodes[k] = val
-		}
+	if viper.GetInt("default_user_group") > 0 {
+		database.C.Create(&models.AccountGroupMember{
+			AccountID: user.ID,
+			GroupID:   uint(viper.GetInt("default_user_group")),
+		})
 	}
 
+	_ = database.C.Model(&models.AccountContact{}).Where("account_id = ?", user.ID).Updates(&models.AccountContact{
+		VerifiedAt: lo.ToPtr(time.Now()),
+	})
+
 	if err := database.C.Save(&user).Error; err != nil {
 		return err
 	}