1
0
Fork 0
mirror of https://github.com/miniflux/v2.git synced 2025-06-27 16:36:00 +00:00

Make sure OAuth2 users cannot be associated multiple times

This commit is contained in:
Frédéric Guillot 2017-12-29 14:17:53 -08:00
parent 0f053b07a5
commit 9eb91e6f0b
5 changed files with 27 additions and 11 deletions

View file

@ -71,7 +71,20 @@ func (c *Controller) OAuth2Callback(ctx *core.Context, request *core.Request, re
}
if ctx.IsAuthenticated() {
user := ctx.LoggedUser()
user, err := c.store.UserByExtraField(profile.Key, profile.ID)
if err != nil {
response.HTML().ServerError(err)
return
}
if user != nil {
logger.Error("[OAuth2] User #%d cannot be associated because %s is already associated", ctx.UserID(), user.Username)
ctx.SetFlashErrorMessage(ctx.Translate("There is already someone associated with this provider!"))
response.Redirect(ctx.Route("settings"))
return
}
user = ctx.LoggedUser()
if err := c.store.UpdateExtraField(user.ID, profile.Key, profile.ID); err != nil {
response.HTML().ServerError(err)
return