Unverified Commit bf3ce203 authored by Ahmad Farhat's avatar Ahmad Farhat Committed by GitHub

Fixed issues with external accounts re-signing in (#4637)

* Fixed issues with external accounts

* more fixes
parent 6f2b4f99
...@@ -16,20 +16,21 @@ class ExternalController < ApplicationController ...@@ -16,20 +16,21 @@ class ExternalController < ApplicationController
verified: true verified: true
} }
user = User.find_by(external_id: credentials['uid'], provider:)
new_user = user.blank?
registration_method = SettingGetter.new(setting_name: 'RegistrationMethod', provider: current_provider).call registration_method = SettingGetter.new(setting_name: 'RegistrationMethod', provider: current_provider).call
# Check if they have a valid token # Check if they have a valid token only if a new sign up
if registration_method == SiteSetting::REGISTRATION_METHODS[:invite] && !valid_invite_token(email: user_info[:email]) if new_user && registration_method == SiteSetting::REGISTRATION_METHODS[:invite] && !valid_invite_token(email: user_info[:email])
raise StandardError, Rails.configuration.custom_error_msgs[:invite_token_invalid] raise StandardError, Rails.configuration.custom_error_msgs[:invite_token_invalid]
end end
user = User.find_or_create_by!(external_id: credentials['uid'], provider:) do |u| # Create the user if they dont exist
user_info[:role] = default_role user = User.create({ external_id: credentials['uid'], provider:, role: default_role }.merge(user_info)) if new_user
u.assign_attributes(user_info)
end
if SettingGetter.new(setting_name: 'ResyncOnLogin', provider:).call if SettingGetter.new(setting_name: 'ResyncOnLogin', provider:).call
user.assign_attributes(user_info) user.assign_attributes(user_info.except(:language)) # Don't reset the user's language
user.save! if user.changed? user.save! if user.changed?
end end
...@@ -37,7 +38,7 @@ class ExternalController < ApplicationController ...@@ -37,7 +38,7 @@ class ExternalController < ApplicationController
session[:session_token] = user.session_token session[:session_token] = user.session_token
# Set to pending if registration method is approval # Set to pending if registration method is approval
user.pending! if registration_method == SiteSetting::REGISTRATION_METHODS[:approval] user.pending! if new_user && registration_method == SiteSetting::REGISTRATION_METHODS[:approval]
# TODO: - Ahmad: deal with errors # TODO: - Ahmad: deal with errors
redirect_location = cookies[:location] redirect_location = cookies[:location]
......
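Review bot: `User.create(...)` on the new-user line does not raise when validation fails, unlike the `find_or_create_by!` it replaces, so an unsaved record can reach `session[:session_token] = user.session_token` in the second hunk. The bang form keeps the old failure behaviour: `user = User.create!({ external_id: credentials['uid'], provider:, role: default_role }.merge(user_info)) if new_user`. The `find_by` followed by a separate create also leaves a window in which two concurrent callbacks for the same `uid` both see `new_user` as true; a unique index on `external_id` and `provider` (not visible here) is what would turn that into an error rather than a duplicate account. Because `user_info` is merged last, a `:role` key in it would override `default_role`; only the tail of that hash is visible, so this is worth confirming. The enclosing action starts and ends outside these hunks.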
...@@ -193,6 +193,15 @@ RSpec.describe ExternalController, type: :controller do ...@@ -193,6 +193,15 @@ RSpec.describe ExternalController, type: :controller do
expect { get :create_user, params: { provider: 'openid_connect' } }.to change(Invitation, :count).by(-1) expect { get :create_user, params: { provider: 'openid_connect' } }.to change(Invitation, :count).by(-1)
end end
it 'allows a user with an existing account to sign in without a token' do
request.env['omniauth.auth'] = OmniAuth.config.mock_auth[:openid_connect]
create(:user, external_id: OmniAuth.config.mock_auth[:openid_connect][:uid])
expect { get :create_user, params: { provider: 'openid_connect' } }.not_to raise_error
expect(response).to redirect_to('/rooms')
end
it 'returns an InviteInvalid error if no invite is passed' do it 'returns an InviteInvalid error if no invite is passed' do
request.env['omniauth.auth'] = OmniAuth.config.mock_auth[:openid_connect] request.env['omniauth.auth'] = OmniAuth.config.mock_auth[:openid_connect]
......
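Review bot: The added example covers only the invite path, so the commit's two other behaviour changes have no example here: skipping `user.pending!` for returning users under the approval method, and keeping the stored language when `ResyncOnLogin` is set. An example such as `it 'does not set an existing user back to pending on sign in'` would pin the approval case, which is the one with an access-control effect. `not_to raise_error` would also pass if the action rescues the invite error itself, so `redirect_to('/rooms')` is the expectation that carries this test; whether such a rescue exists is not visible in the hunk. The surrounding `describe`/`context` setup, including which registration method is active, lies outside the hunk.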