Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

External login and 2FA or lockout #389

Closed
aiscrim opened this issue Nov 6, 2019 · 3 comments
Closed

External login and 2FA or lockout #389

aiscrim opened this issue Nov 6, 2019 · 3 comments
Assignees
Labels
bug Something isn't working

Comments

@aiscrim
Copy link
Contributor

aiscrim commented Nov 6, 2019

I just discovered a bug in the external login callback when the user has configured 2FA or has been locked out. In those cases, the ExternalLoginCallback assumes that the user does not exist, so it tries to create the user again (and it fails because the email is already taken).
The same code in the Login method that redirects to LoginWith2FA or to Lockout should be used in the ExternalLoginCallback method too in case the external sign in fails.

@skoruba
Copy link
Owner

skoruba commented Nov 6, 2019

I'll check it. Did you fix it?
Thanks.

@aiscrim
Copy link
Contributor Author

aiscrim commented Nov 6, 2019

Yes, just copying the lines of code I referred to above, but probably a better approach would be to refactor a bit the methods so that there is no duplication and maybe add some unit tests.
Now I have only the time for the dirty fix, that's why I didn't open a PR for this one.

@skoruba
Copy link
Owner

skoruba commented Nov 6, 2019

Thanks @aiscrim

@skoruba skoruba self-assigned this Nov 11, 2019
@skoruba skoruba added the bug Something isn't working label Nov 11, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

2 participants