github-mirror/discourse
github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-03-23 07:25:42 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

FIX: Prioritize explicit 'connect' over matching by email

Browse Source 
This is an edge case that was previously handled by TwitterAuthenticator, but not FacebookAuthenticator.
This commit is contained in:
David Taylor 2018-12-07 14:12:08 +00:00
parent 3cad3f9df1
commit 86f8734bc0
2 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/auth/managed_authenticator.rb
View File

@ -55,7 +55,7 @@ class Auth::ManagedAuthenticator < Auth::Authenticator
end
# Matching an account by email
if match_by_email && association.nil? && (user = User.find_by_email(email))
if match_by_email && association.nil? && result.user.nil? && (user = User.find_by_email(email))
UserAssociatedAccount.where(user: user, provider_name: auth_token[:provider]).destroy_all # Destroy existing associations for the new user
result.user = user
end

8
spec/components/auth/managed_authenticator_spec.rb
View File

@ -55,6 +55,14 @@ describe Auth::ManagedAuthenticator do
expect(UserAssociatedAccount.exists?(user_id: user2.id)).to eq(true)
end
it 'still works if another user has a matching email' do
Fabricate(:user, email: hash.dig(:info, :email))
result = authenticator.after_authenticate(hash, existing_account: user2)
expect(result.user.id).to eq(user2.id)
expect(UserAssociatedAccount.exists?(user_id: user1.id)).to eq(false)
expect(UserAssociatedAccount.exists?(user_id: user2.id)).to eq(true)
end
it 'does not work when disabled' do
authenticator = Class.new(described_class) do
def name