Aktueller Stand

lib/auth-helpers.ts

@@ -1,6 +1,7 @@
 import { getServerSession } from "next-auth";
 import { NextResponse } from "next/server";
 import { authOptions } from "./auth";
+import { getEmailVerificationRequired } from "./system-settings";
 
 export async function requireSession() {
   const session = await getServerSession(authOptions);
@@ -13,7 +14,8 @@ export async function requireSession() {
       response: NextResponse.json({ error: "Account nicht freigeschaltet." }, { status: 403 })
     };
   }
-  if (session.user.emailVerified === false) {
+  const emailVerificationRequired = await getEmailVerificationRequired();
+  if (emailVerificationRequired && session.user.emailVerified === false) {
     return {
       session: null,
       response: NextResponse.json({ error: "E-Mail nicht verifiziert." }, { status: 403 })