search

smaranjitghose / girlscript_app

A boilerplate for any technical community to pick up and use for their own without any hastle This app is a center to various events ranging from portraying the member’s achievements to announcing the upcoming opportunities. Additionally, this app developed by the community, and for the community, will add elegance. Plus, being as an open source project, this will be a golden opportunity for beginners to learn and contribute to it just like a cherry on the cake.
Creative Commons Zero v1.0 Universal
74 stars 107 forks source link

Google Sign In OAuth2 Security Flaw #275

Closed rish07 closed 3 years ago

rish07 commented 4 years ago

Hey @himanshusharma89 I was going through the app and came across the following issue: 1) I pressed sign in with google on the sign-up page. 2) Didn't select an account and pressed back. 3) The app redirected me to the Dashboard with null values with though I wasn't authenticated.

I am attaching a screenshot of the app being logged in without auth. WhatsApp Image 2020-09-29 at 1 50 59 AM

I would like to work on this issue as well along with the Github auth implementation during Hacktoberfest.

github-actions[bot] commented 4 years ago

We shall look into this issue. Thanks for bringing it to our notice!

himanshusharma89 commented 4 years ago

Go ahead @rish07. Assigning this issue to you.

himanshusharma89 commented 4 years ago

Any update @rish07?

rish07 commented 4 years ago

Hey @himanshusharma89, I actually have an exam tomorrow so I'll fix it by tomorrow evening.

himanshusharma89 commented 4 years ago

Okay, @rish07. Good luck.

himanshusharma89 commented 4 years ago

Also, the null value is still there after successful sign-up, but it doesn't occur if we restart the app. I checked the mapping methods, it is fine but still, the issue is there. Have a look into this also.

rish07 commented 4 years ago

Sure

arbazdiwan commented 4 years ago

@himanshusharma89, I would like to solve this issue if @rish07 is facing any problems.

himanshusharma89 commented 4 years ago

@arbazdiwan, @rish07 will work on it and update us soon

arbazdiwan commented 4 years ago

ok Himanshu

On Sat, 3 Oct 2020, 10:22 pm HIMANSHU SHARMA, notifications@github.com wrote:

@arbazdiwan https://github.com/arbazdiwan, @rish07 https://github.com/rish07 will work on it and update us soon

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/smaranjitghose/girlscript_app/issues/275#issuecomment-703132135, or unsubscribe https://github.com/notifications/unsubscribe-auth/AF5PZSHJGI36AVJ5PO27VYDSI5JENANCNFSM4R46CGVA .