New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SOCIALACCOUNT_EMAIL_REQUIRED False with ACCOUNT_EMAIL_VERIFICATION mandatory leads to "stuck" users #3146
Comments
A rare valid bug!!! I disagree w/ the users suggestion here. These are conflicting settings and allauth should probably detect this and throw a warning. |
@pennersr looks like we have some kinda spam bot here? Dunno what this facebook link is about. |
@derek-adair |
Isn't the |
|
I am trying to understand what your specific use case for this configuration is, could you elaborate why you feel the need to verify emails if they do not sign up w/ social? It seems like you should either rely on it being verified or not. Also I need to understand exactly what state the user is in before I would change my mind on this one (not that it matters, @pennersr is the final say i'm just the triage monkey). For example, I can imagine if you'd like to accept social logins that do not have emails then the user should be prompted to add an email, not verify one. |
The use-case is to avoid trivial account signup "spam". |
I'm not asking "why verify email addresses for direct signups". I'm asking why not verify email for both social signups AND direct signups? If "spam" is your concern than it would seem important that your 3rd party services provide you with an email address you can verify. |
If using the following settings:
Users are able to signup with a social account, then not provide an email address, but will still be expected to verify their non-email address.
I think it would make sense for
ACCOUNT_EMAIL_VERIFICATION
to indicate that it is required iff the user has an email address, but not otherwise.The text was updated successfully, but these errors were encountered: