Skip to content

Nour/email verification #955

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
nour-massri merged 19 commits into from
Dec 13, 2025
Merged

Nour/email verification #955

nour-massri merged 19 commits into from
Dec 13, 2025

Conversation

@nour-massri
Copy link
Member

@nour-massri nour-massri commented Nov 30, 2025
edited by lowtorola
Loading

This pull request introduces email verification as a requirement for key user actions in the competition and team APIs. It adds a new email_verified field to the User model, creates a model for managing email verification tokens, and updates permissions across multiple endpoints to enforce email verification. Test cases and admin interfaces are also updated to support and validate this new flow.

Email Verification Enforcement

  • Added IsEmailVerified permission to all relevant endpoints in compete/views.py and teams/views.py, ensuring only users with verified emails can create submissions, join/leave teams, and access team information. [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13]

User Model and Database Changes

  • Added a new email_verified Boolean field to the User model via migration, defaulting to False.
  • Introduced the EmailVerificationToken model and migration for managing email verification tokens, including admin registration for viewing tokens. [1] [2] [3]

Test Suite Updates

  • Updated all relevant test setups to ensure test users have email_verified=True, reflecting the new permission requirements and preventing test failures. [1] [2] [3] [4] [5] [6] [7] [8] [9] [10]

Dependency Update

  • Upgraded django-sortedm2m from version 3.1.1 to 4.0.0 in environment.yml.

These changes collectively enforce email verification for users performing sensitive actions, provide the necessary backend infrastructure for verification tokens, and ensure the test suite remains robust under the new requirements.

lowtorola
lowtorola reviewed Dec 7, 2025
View reviewed changes
lowtorola
lowtorola reviewed Dec 7, 2025
View reviewed changes
frontend/src/App.tsx
queryCache: new QueryCache({
onError: (error) => {
if (error instanceof ResponseError) {
// TODO: add special handling for 403 email verification erros
Copy link
Contributor

@lowtorola lowtorola Dec 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We also need to let our custom backend errors have their messages show in their toasts as well.. seems like a whole future pr for these two tasks

Copy link
Member Author

@nour-massri nour-massri Dec 12, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah might be a another frontend pr to resolve

@nour-massri nour-massri marked this pull request as ready for review December 13, 2025 18:51
lowtorola
lowtorola approved these changes Dec 13, 2025
View reviewed changes
Copy link
Contributor

@lowtorola lowtorola left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM :shipit:

@nour-massri nour-massri merged commit 462d2d4 into main Dec 13, 2025
6 checks passed
@nour-massri nour-massri deleted the nour/email_verification branch December 13, 2025 22:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lowtorola lowtorola lowtorola approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@nour-massri @lowtorola