Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Duplicate user issue when using social auth #4185

Closed
sentry-io bot opened this issue Jun 18, 2024 · 2 comments · Fixed by #4207
Closed

Duplicate user issue when using social auth #4185

sentry-io bot opened this issue Jun 18, 2024 · 2 comments · Fixed by #4207
Labels
api Issue related to the REST API bug Something isn't working

Comments

@sentry-io
Copy link

sentry-io bot commented Jun 18, 2024

Sentry Issue: FLAGSMITH-API-4Q3

FFAdminUser.MultipleObjectsReturned: get() returned more than one FFAdminUser -- it returned 2!
(13 additional frame(s) were not displayed)
...
  File "custom_auth/views.py", line 42, in post
    serializer.is_valid(raise_exception=True)
  File "users/models.py", line 93, in get_by_natural_key
    return self.get(email__iexact=email)

It seems as though it is possible to create duplicate (when evaluated case insensitively) email addresses in the database by authenticating first with email password.

Based on example, it seems that the steps to reproduce this issue are:

  1. Register (using email and password) with an email address using all lower case e.g. [email protected]
  2. Register (using Google) with the same email address but with certain characters capitalised, e.g. [email protected]
@sentry-io sentry-io bot added api Issue related to the REST API bug Something isn't working labels Jun 18, 2024
@matthewelwell matthewelwell changed the title Duplicate user issue when user social auth Duplicate user issue when using social auth Jun 20, 2024
@khvn26
Copy link
Member

khvn26 commented Jun 20, 2024

I guess CIEmailField is not an option given the continued Oracle support?

@matthewelwell matthewelwell mentioned this issue Jun 21, 2024
Merged
@matthewelwell
Copy link
Contributor

I guess CIEmailField is not an option given the continued Oracle support?

Correct.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
api Issue related to the REST API bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: oauth user case sensitivity Flagsmith/flagsmith
2 participants
@khvn26 @matthewelwell