Usually, when one logs in with a 3rd party provider like facebook, an email address verification is skipped as the 3rd party has already done the verification.

However, the connector module seems to respect this setting and does not allow the user to login if the email is not verified after a registration is done using facebook.

any insights why ?

Comments

voxpelli’s picture

voxpelli commented

As I recall my original idea was that the Connector module shouldn't make any assumptions about whether eg. an e-mail verification should be required or not when an external login service is used.

If a site wants to have all e-mail addresses confirmed (which such a setting show) – then all e-mail addresses should be confirmed – otherwise it shouldn't require it.

Some granular setting for this, provided by Connector or a separate module, would of course be a good idea. I don't remember if that is something that has been made or not. But as I said – I do think it is a good idea to respect any defaults that are there so that the module don't become an accidental backdoor around otherwise set requirements. Ignoring such settings shouldn't ever happen implicitly just by setting up eg. a Facebook login but should always be an explicit choice by the site owner.

alansaviolobo’s picture

alansaviolobo commented

makes sense.
I have commented out the code in my app for now. But I would be happy to contribute a patch for a mutually agreed upon strategy.