app/graphql/ibrain/auth/mutations/sign_in_mutation.rb in ibrain-auth-0.3.3 vs app/graphql/ibrain/auth/mutations/sign_in_mutation.rb in ibrain-auth-0.3.4

@@ -10,9 +10,14 @@
     argument :device_token, String, description: 'Device token for notification', required: false
 
     def resolve(_args)
       raise ActionController::InvalidAuthenticityToken, I18n.t('ibrain.errors.account.incorrect') if auth_resource.blank?
 
+      if !auth_resource.try(:can_skip_confirmation?) && !auth_resource.try(:confirmed?)
+        raise ActionController::InvalidAuthenticityToken, I18n.t('ibrain.errors.account.not_verified')
+      end
+
+      auth_resource.skip_confirmation! unless auth_resource.try(:confirmed?)
       sign_in(resource_name, auth_resource)
       @current_user = warden.authenticate!(auth_options)
 
       warden.set_user(current_user)
       current_user.jwt_token, jti = auth_headers(request, auth_resource)