>In that case, how should this address be validated? Should Postorius >consider that the login system always validates addresses and set them >as >verified in Mailman? Should it ask mailman to verify the email >addresses >when it encounters a user's un-verified address? This does not seem >possible in REST at the moment (unless I missed it), and should be >protected against multiple checks. > >Ideas? I started a thread about this a couple of months back. I was asking about what authentication system to switch to, since persona is being dropped. I found a couple of solutions and have my personal favorite: django-allauth
I have a merge request pending that adds basic functionality for it in postorius. I think that it's better than python-social-auth that hyperkitty is currently using. Short version: it supports both external (social) and internal (django) auth systems and offers options to combine/switch between them . Allauth provides Signals that I used to verify the addresses in Mailman. The link to my merge request: https://gitlab.com/mailman/postorius/merge_requests/130 The link to my previous post: https://mail.python.org/pipermail/mailman-developers/2016-January/025338.html -- Sent from my Android device with K-9 Mail. Please excuse my brevity. _______________________________________________ Mailman-Developers mailing list Mailman-Developers@python.org https://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
