Require confirmed email address for GitLab OAuth authentication
Allowing users with unconfirmed/unverified email addresses to authenticate to an external service using GitLab OAuth is not secure. This change enforces that a user must have a confirmed primary email address to proceed with OAuth.
Showing
Please register or sign in to comment