bstein/bstein-dev-home
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

portal: enforce Keycloak required actions

Browse Source
This commit is contained in:
Brad Stein 2026-01-03 21:45:29 -03:00
parent d62ac0fd45
commit 24fc02ff1f
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
backend/atlas_portal/provisioning.py
View File

@ -181,12 +181,16 @@ def provision_access_request(request_code: str) -> ProvisionResult:
email = contact_email.strip() email = contact_email.strip()
if not email: if not email:
raise RuntimeError("missing verified email address") raise RuntimeError("missing verified email address")
email_is_verified = bool(email_verified_at)
required_actions = ["UPDATE_PASSWORD", "CONFIGURE_TOTP"]
if not email_is_verified:
required_actions.append("VERIFY_EMAIL")
payload = { payload = {
"username": username, "username": username,
"enabled": True, "enabled": True,
"email": email, "email": email,
"emailVerified": bool(email_verified_at), "emailVerified": email_is_verified,
"requiredActions": ["CONFIGURE_TOTP"], "requiredActions": required_actions,
"attributes": {MAILU_EMAIL_ATTR: [mailu_email]}, "attributes": {MAILU_EMAIL_ATTR: [mailu_email]},
} }
created_id = admin_client().create_user(payload) created_id = admin_client().create_user(payload)