FIX: messages when logging in without password for oauth (publiclab#7292

) * FIX: messages when logging in * add testing * fix travis
greenbrown · Jan 22, 2020 · 6112ae0 · 6112ae0
1 parent 4d7086b
commit 6112ae0
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 3 deletions.
diff --git a/app/controllers/user_sessions_controller.rb b/app/controllers/user_sessions_controller.rb
@@ -117,7 +117,7 @@ def handle_social_login_flow(auth)
 
   def handle_site_login_flow
     username = params[:user_session][:username] if params[:user_session]
-    u = User.find_by(username: username)
+    u = User.find_by(username: username) || User.find_by(email: username)
     if u && u.password_checker != 0
       n = u.password_checker
       hash = { 1 => "Facebook", 2 => "Github", 3 => "Google", 4 => "Twitter"  }

diff --git a/test/functional/user_sessions_controller_test.rb b/test/functional/user_sessions_controller_test.rb
@@ -18,7 +18,7 @@ class UserSessionsControllerTest < ActionController::TestCase
     assert_redirected_to '/dashboard'
   end
 
-  test 'should login and redirect to corresct url' do
+  test 'should login and redirect to correct url' do
     session[:return_to] = '/post?tags=question:question&template=question'
     post :create, params: { user_session: { username: users(:jeff).username, password: 'secretive' } }
     assert_redirected_to '/post?tags=question:question&template=question'
@@ -303,7 +303,7 @@ class UserSessionsControllerTest < ActionController::TestCase
     assert @response.redirect_url.include? "/notes/liked"
   end
 
-  test "logging in through omniauth and then through normal login should display error and redirect" do
+  test "logging in through omniauth and then logging in with username should display correct error and redirect" do
     request.env['omniauth.auth'] =  OmniAuth.config.mock_auth[:github1]
     # login through omniauth 
     post :create
@@ -314,6 +314,17 @@ class UserSessionsControllerTest < ActionController::TestCase
     assert_equal flash[:error], "This account doesn't have a password set. It may be logged in with Github account, or you can set a new password via Forget password feature"
   end
 
+  test "logging in through omniauth and then logging in with email should display correct error and redirect" do
+    request.env['omniauth.auth'] =  OmniAuth.config.mock_auth[:github1]
+    # login through omniauth 
+    post :create
+    # logout
+    post :destroy
+    request.env['omniauth.auth'] = nil
+    post :create, params: { user_session: { username: "[email protected]", password: "random"} }
+    assert_equal flash[:error], "This account doesn't have a password set. It may be logged in with Github account, or you can set a new password via Forget password feature"
+  end
+
   test "logging in with banned user through normal login should fail" do
     user = users(:bob)
     user.ban