From ed38d74b3e994f4bd7be5ac22fb167f4169c77a3 Mon Sep 17 00:00:00 2001
From: Puyodead1 <puyodead@protonmail.com>
Date: Fri, 24 Feb 2023 06:36:57 -0500
Subject: don't return token on register if verification required

---
 src/api/routes/auth/register.ts | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'src')

diff --git a/src/api/routes/auth/register.ts b/src/api/routes/auth/register.ts
index 0bf8efae..c941fdf6 100644
--- a/src/api/routes/auth/register.ts
+++ b/src/api/routes/auth/register.ts
@@ -278,6 +278,17 @@ router.post(
 			await Invite.joinGuild(user.id, body.invite);
 		}
 
+		// return an error for unverified accounts if verification is required
+		if (Config.get().login.requireVerification && !user.verified) {
+			throw FieldErrors({
+				login: {
+					code: "ACCOUNT_LOGIN_VERIFICATION_EMAIL",
+					message:
+						"Email verification is required, please check your email.",
+				},
+			});
+		}
+
 		return res.json({ token: await generateToken(user.id) });
 	},
 );
-- 
cgit 1.4.1