✨ Add :insecure-register flag.

This allows on-premise users skip the email validation.
2025-06-07 19:11:40 +02:00 · 2021-11-10 15:53:54 +01:00 · 2021-11-10 15:53:54 +01:00 · e7003dde83
commit e7003dde83
parent bf2a393fd3
10 changed files with 79 additions and 60 deletions
--- a/backend/src/app/http/doc.clj
+++ b/backend/src/app/http/doc.clj
@ -45,7 +45,7 @@
 (defn handler
  [rpc]
  (let [context (prepare-context rpc)]
-    (if (contains? cf/flags :api-doc)
+    (if (contains? cf/flags :backend-api-doc)
      (fn [_]
        {:status 200
         :body (-> (io/resource "api-doc.tmpl")
--- a/backend/src/app/http/oauth.clj
+++ b/backend/src/app/http/oauth.clj
@ -203,6 +203,7 @@
           (sxf request)))
    (let [info   (assoc info
                        :iss :prepared-register
+                        :is-active true
                        :exp (dt/in-future {:hours 48}))
          token  (tokens :generate info)
          params (d/without-nils
--- a/backend/src/app/http/session.clj
+++ b/backend/src/app/http/session.clj
@ -53,12 +53,13 @@

 (defn- add-cookies
  [response {:keys [id] :as session}]
-  (let [cors? (contains? cfg/flags :cors)]
+  (let [cors?   (contains? cfg/flags :cors)
+        secure? (contains? cfg/flags :secure-session-cookies)]
    (assoc response :cookies {cookie-name {:path "/"
                                           :http-only true
                                           :value id
                                           :same-site (if cors? :none :strict)
-                                           :secure true}})))
+                                           :secure secure?}})))

 (defn- clear-cookies
  [response]