This commit is contained in:
Michael Brown
parent
6e1dd12390
commit
105cf61ed9
|
|
@ -139,6 +139,7 @@ en:
|
|||
max_username_length_range: "You cannot set the maximum below the minimum."
|
||||
default_categories_already_selected: "You cannot select a category used in another list."
|
||||
s3_upload_bucket_is_required: "You cannot enable uploads to S3 unless you've provided the 's3_upload_bucket'."
|
||||
conflicting_google_user_id: 'The Google Account ID for this account has changed, for protection this requires manual intervention. Please contact the site administrator with the following reference:<br><a href="https://meta.discourse.org/t/76575">https://meta.discourse.org/t/76575</a>'
|
||||
|
||||
activemodel:
|
||||
errors:
|
||||
|
|
|
|||
|
|
@ -21,6 +21,19 @@ class Auth::GoogleOAuth2Authenticator < Auth::Authenticator
|
|||
if !result.user && !result.email.blank? && result.email_valid
|
||||
result.user = User.find_by_email(result.email)
|
||||
if result.user
|
||||
# we've matched an existing user to this login attempt...
|
||||
if result.user.google_user_info && result.user.google_user_info.google_user_id != google_hash[:google_user_id]
|
||||
# but the user has changed the google account used to log in...
|
||||
if result.user.google_user_info.email != google_hash[:email]
|
||||
# the user changed their email, go ahead and scrub the old record
|
||||
result.user.google_user_info.destroy!
|
||||
else
|
||||
# same email address but different account? likely a takeover scenario
|
||||
result.failed = true
|
||||
result.failed_reason = I18n.t('errors.conflicting_google_user_id')
|
||||
return result
|
||||
end
|
||||
end
|
||||
::GoogleUserInfo.create({ user_id: result.user.id }.merge(google_hash))
|
||||
end
|
||||
end
|
||||
|
|
|
|||
Loading…
Reference in New Issue