Skip to content

DEV: Enable auth_skip_create_confirm on new sites #33073

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
wants to merge 3 commits into
base: main
Choose a base branch
from
Draft

DEV: Enable auth_skip_create_confirm on new sites #33073

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
4147178
Switch default and add migration
pmusaraj Jun 4, 2025
1760c9c
fix tests
pmusaraj Jun 4, 2025
a10b855
Fix system specs
pmusaraj Jun 4, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 4 additions & 3 deletions app/assets/javascripts/discourse/tests/acceptance/create-account-external-test.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,8 @@ acceptance("Create Account - external auth", function (needs) {
document.getElementById("data-authentication").remove();
});

test("when skip is disabled (default)", async function (assert) {
test("when skip is disabled", async function (assert) {
this.siteSettings.auth_skip_create_confirm = false;
await visit("/");

assert.dom(".signup-fullpage").exists("it shows the signup page");
Expand All @@ -37,8 +38,7 @@ acceptance("Create Account - external auth", function (needs) {
.doesNotExist("it does not show the associate link");
});

test("when skip is enabled", async function (assert) {
this.siteSettings.auth_skip_create_confirm = true;
test("when skip is enabled (default)", async function (assert) {
await visit("/");

assert.dom(".signup-fullpage").exists("it shows the signup page");
Expand All @@ -58,6 +58,7 @@ acceptance("Create account - with associate link", function (needs) {
});

test("displays associate link when allowed", async function (assert) {
this.siteSettings.auth_skip_create_confirm = false;
await visit("/");

assert.dom(".signup-fullpage").exists("it shows the signup page");
Expand Down
2 changes: 1 addition & 1 deletion config/site_settings.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -665,7 +665,7 @@ login:
regex: "^[a-zA-Z0-9_=\\.]+$"
secret: true
auth_skip_create_confirm:
default: false
default: true
client: true
auth_immediately:
default: true
Expand Down
15 changes: 15 additions & 0 deletions db/migrate/20250604181345_disable_auth_skip_create_confirm_existing_sites.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
# frozen_string_literal: true

class DisableAuthSkipCreateConfirmExistingSites < ActiveRecord::Migration[7.2]
def up
execute <<~SQL if Migration::Helpers.existing_site?
INSERT INTO site_settings(name, data_type, value, created_at, updated_at)
VALUES('auth_skip_create_confirm', 5, 'f', NOW(), NOW())
ON CONFLICT (name) DO NOTHING
SQL
end

def down
raise ActiveRecord::IrreversibleMigration
end
end
38 changes: 28 additions & 10 deletions spec/system/social_authentication_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,11 @@
let(:login_form) { PageObjects::Pages::Login.new }
let(:signup_form) { PageObjects::Pages::Signup.new }

before { OmniAuth.config.test_mode = true }
before do
OmniAuth.config.test_mode = true
SiteSetting.auth_skip_create_confirm = false
SiteSetting.full_name_requirement = "optional_at_signup"
end
end

shared_examples "social authentication scenarios" do
Expand Down Expand Up @@ -269,19 +273,35 @@
end

context "when skipping the signup form" do
before do
SiteSetting.enable_google_oauth2_logins = true
SiteSetting.auth_skip_create_confirm = true
end
before { SiteSetting.auth_skip_create_confirm = true }
after { reset_omniauth_config(:google_oauth2) }

it "creates the account directly" do
it "works with Google" do
SiteSetting.enable_google_oauth2_logins = true
mock_google_auth
visit("/")

signup_form.open.click_social_button("google_oauth2")
expect(page).to have_css(".header-dropdown-toggle.current-user")
end

it "works with Github" do
SiteSetting.enable_github_logins = true
mock_github_auth
visit("/")

signup_form.open.click_social_button("github")
expect(page).to have_css(".header-dropdown-toggle.current-user")
end

it "works with Discord" do
SiteSetting.enable_discord_logins = true
mock_discord_auth
visit("/")

signup_form.open.click_social_button("discord")
expect(page).to have_css(".header-dropdown-toggle.current-user")
end
end

context "when there is only one external login method enabled" do
Expand Down Expand Up @@ -502,13 +522,11 @@
end

describe "Social authentication", type: :system do
before { SiteSetting.full_name_requirement = "optional_at_signup" }

context "when fullpage desktop" do
context "when desktop" do
include_examples "social authentication scenarios"
end

context "when fullpage mobile", mobile: true do
context "when mobile", mobile: true do
include_examples "social authentication scenarios"
end
end
Loading