Make sure OAuth2 users cannot be associated multiple times

2017-12-29 14:17:53 -08:00 · 2017-12-29 14:17:53 -08:00 · 9eb91e6f0b
commit 9eb91e6f0b
parent 0f053b07a5
5 changed files with 27 additions and 11 deletions
--- a/locale/translations.go
+++ b/locale/translations.go
@ -1,5 +1,5 @@
 // Code generated by go generate; DO NOT EDIT.
-// 2017-12-28 18:55:07.409784145 -0800 PST m=+0.036504731
+// 2017-12-29 14:12:55.369940267 -0800 PST m=+0.042539315
 package locale
@ -209,12 +209,13 @@ var translations = map[string]string{
    "Download original content": "Télécharger le contenu original",
    "Toggle bookmark": "Ajouter/Enlever favoris",
    "Close modal dialog": "Fermer la boite de dialogue",
-    "Save article": "Sauvegarder l'article"
+    "Save article": "Sauvegarder l'article",
    "There is already someone associated with this provider!": "Il y a déjà quelqu'un d'associé avec ce provider !"
 }
 `,
 }
 var translationsChecksums = map[string]string{
 	"en_US": "6fe95384260941e8a5a3c695a655a932e0a8a6a572c1e45cb2b1ae8baa01b897",
-	"fr_FR": "30f70cf369dae3e0461e44a444be56d657d7d381801c321e7312886e75278c81",
+	"fr_FR": "710be25933b58ab1449ec8797696cf937d4854fa0e9db555e2ef8fadd09b4382",
 }
--- a/locale/translations/fr_FR.json
+++ b/locale/translations/fr_FR.json
@ -193,5 +193,6 @@
    "Download original content": "Télécharger le contenu original",
    "Toggle bookmark": "Ajouter/Enlever favoris",
    "Close modal dialog": "Fermer la boite de dialogue",
-    "Save article": "Sauvegarder l'article"
+    "Save article": "Sauvegarder l'article",
    "There is already someone associated with this provider!": "Il y a déjà quelqu'un d'associé avec ce provider !"
 }
--- a/server/core/context.go
+++ b/server/core/context.go
@ -135,7 +135,7 @@ func (c *Context) SetFlashErrorMessage(message string) {
 // FlashErrorMessage returns the error flash message and remove it.
 func (c *Context) FlashErrorMessage() string {
-	message := c.getContextStringValue(middleware.FlashMessageContextKey)
+	message := c.getContextStringValue(middleware.FlashErrorMessageContextKey)
 	c.store.UpdateSessionField(c.SessionID(), "flash_error_message", "")
 	return message
 }
--- a/server/ui/controller/controller.go
+++ b/server/ui/controller/controller.go
@ -49,6 +49,7 @@ func (c *Controller) getCommonTemplateArgs(ctx *core.Context) (tplParams, error)
 		"countUnread":       countUnread,
 		"csrf":              ctx.CSRF(),
 		"flashMessage":      ctx.FlashMessage(),
 		"flashErrorMessage": ctx.FlashErrorMessage(),
 	}
 	return params, nil
 }
--- a/server/ui/controller/oauth2.go
+++ b/server/ui/controller/oauth2.go
@ -71,7 +71,20 @@ func (c *Controller) OAuth2Callback(ctx *core.Context, request *core.Request, re
 	}
 	if ctx.IsAuthenticated() {
-		user := ctx.LoggedUser()
+		user, err := c.store.UserByExtraField(profile.Key, profile.ID)
 		if err != nil {
 			response.HTML().ServerError(err)
 			return
 		}
 		if user != nil {
 			logger.Error("[OAuth2] User #%d cannot be associated because %s is already associated", ctx.UserID(), user.Username)
 			ctx.SetFlashErrorMessage(ctx.Translate("There is already someone associated with this provider!"))
 			response.Redirect(ctx.Route("settings"))
 			return
 		}
 		user = ctx.LoggedUser()
 		if err := c.store.UpdateExtraField(user.ID, profile.Key, profile.ID); err != nil {
 			response.HTML().ServerError(err)
 			return