From 047b1e0dab9927c48f2b2013f1ad57320798d81f Mon Sep 17 00:00:00 2001
From: Matthew Evans <git@ml-evs.science>
Date: Tue, 30 Jul 2024 12:35:52 +0100
Subject: [PATCH] Add config options to automatically activate accounts from
 GitHub, email or any auth source

---
 pydatalab/pydatalab/config.py           | 15 +++++++++++++++
 pydatalab/pydatalab/routes/v0_1/auth.py | 11 +++++++++--
 2 files changed, 24 insertions(+), 2 deletions(-)

diff --git a/pydatalab/pydatalab/config.py b/pydatalab/pydatalab/config.py
index 40578d3ad..45fba8538 100644
--- a/pydatalab/pydatalab/config.py
+++ b/pydatalab/pydatalab/config.py
@@ -205,6 +205,21 @@ class ServerConfig(BaseSettings):
         description="Whether to automatically activate accounts created via ORCID registration.",
     )
 
+    GITHUB_AUTO_ACTIVATE_ACCOUNTS: bool = Field(
+        False,
+        description="Whether to automatically activate accounts created via GitHub registration.",
+    )
+
+    EMAIL_AUTO_ACTIVATE_ACCOUNTS: bool = Field(
+        False,
+        description="Whether to automatically activate accounts created via GitHub registration.",
+    )
+
+    AUTO_ACTIVATE_ACCOUNTS: bool = Field(
+        False,
+        description="Whether to automatically activate accounts created via any registration method.",
+    )
+
     EMAIL_DOMAIN_ALLOW_LIST: Optional[List[str]] = Field(
         [],
         description="A list of domains for which users will be able to register accounts if they have a matching verified email address, which still need to be verified by an admin. Setting the value to `None` will allow any email addresses at any domain to register *and activate* an account, otherwise the default `[]` will not allow any email addresses registration.",
diff --git a/pydatalab/pydatalab/routes/v0_1/auth.py b/pydatalab/pydatalab/routes/v0_1/auth.py
index c12b18ef0..b04c8329d 100644
--- a/pydatalab/pydatalab/routes/v0_1/auth.py
+++ b/pydatalab/pydatalab/routes/v0_1/auth.py
@@ -373,7 +373,11 @@ def email_logged_in():
         raise UserRegistrationForbidden
 
     create_account = AccountStatus.UNVERIFIED
-    if CONFIG.EMAIL_DOMAIN_ALLOW_LIST is None:
+    if (
+        CONFIG.EMAIL_DOMAIN_ALLOW_LIST is None
+        or CONFIG.EMAIL_AUTO_ACTIVATE_ACCOUNTS
+        or CONFIG.AUTO_ACTIVATE_ACCOUNTS
+    ):
         create_account = AccountStatus.ACTIVE
 
     find_create_or_modify_user(
@@ -426,6 +430,9 @@ def github_logged_in(blueprint, token):
     elif CONFIG.GITHUB_ORG_ALLOW_LIST is None:
         create_account = True
 
+    if CONFIG.GITHUB_AUTO_ACTIVATE_ACCOUNTS or CONFIG.AUTO_ACTIVATE_ACCOUNTS:
+        create_account = AccountStatus.ACTIVE
+
     find_create_or_modify_user(
         github_user_id,
         IdentityType.GITHUB,
@@ -452,7 +459,7 @@ def orcid_logged_in(_, token):
 
     # New ORCID accounts must be activated by an admin unless configured otherwise
     create_account = AccountStatus.UNVERIFIED
-    if CONFIG.ORCID_AUTO_ACTIVATE_ACCOUNTS:
+    if CONFIG.ORCID_AUTO_ACTIVATE_ACCOUNTS or CONFIG.AUTO_ACTIVATE_ACCOUNTS:
         create_account = AccountStatus.ACTIVE
 
     find_create_or_modify_user(