diff --git a/backend/danswer/auth/users.py b/backend/danswer/auth/users.py index 84f9d27917..f946b394eb 100644 --- a/backend/danswer/auth/users.py +++ b/backend/danswer/auth/users.py @@ -58,7 +58,6 @@ from danswer.auth.schemas import UserRole from danswer.auth.schemas import UserUpdate from danswer.configs.app_configs import AUTH_TYPE from danswer.configs.app_configs import DISABLE_AUTH -from danswer.configs.app_configs import DISABLE_VERIFICATION from danswer.configs.app_configs import EMAIL_FROM from danswer.configs.app_configs import REQUIRE_EMAIL_VERIFICATION from danswer.configs.app_configs import SESSION_EXPIRE_TIME_SECONDS @@ -132,11 +131,12 @@ def get_display_email(email: str | None, space_less: bool = False) -> str: def user_needs_to_be_verified() -> bool: - # all other auth types besides basic should require users to be - # verified - return not DISABLE_VERIFICATION and ( - AUTH_TYPE != AuthType.BASIC or REQUIRE_EMAIL_VERIFICATION - ) + if AUTH_TYPE == AuthType.BASIC: + return REQUIRE_EMAIL_VERIFICATION + + # For other auth types, if the user is authenticated it's assumed that + # the user is already verified via the external IDP + return False def verify_email_is_invited(email: str) -> None: diff --git a/backend/danswer/configs/app_configs.py b/backend/danswer/configs/app_configs.py index 11c6184803..e449bf3183 100644 --- a/backend/danswer/configs/app_configs.py +++ b/backend/danswer/configs/app_configs.py @@ -43,9 +43,6 @@ WEB_DOMAIN = os.environ.get("WEB_DOMAIN") or "http://localhost:3000" AUTH_TYPE = AuthType((os.environ.get("AUTH_TYPE") or AuthType.DISABLED.value).lower()) DISABLE_AUTH = AUTH_TYPE == AuthType.DISABLED -# Necessary for cloud integration tests -DISABLE_VERIFICATION = os.environ.get("DISABLE_VERIFICATION", "").lower() == "true" - # Encryption key secret is used to encrypt connector credentials, api keys, and other sensitive # information. This provides an extra layer of security on top of Postgres access controls # and is available in Danswer EE