wagnerdelima / drf-social-oauth2

drf-social-oauth2 makes it easy to integrate Django social authentication with major OAuth2 providers, i.e., Facebook, Twitter, Google, etc.
https://drf-social-oauth2.readthedocs.io/en/latest/
MIT License

Auth/convert-token returns 500 internal server error when email is already registered. #48

Closed MidoCobra closed 1 year ago

MidoCobra commented 3 years ago

Auth/convert-token returns 500 internal server error when a user tries to create an account with social login, i.e. Facebook...

And when I checked the reason, it was because the client had already created an account on my site with the same email he is registering his Facebook account with.

So it is a duplicated email..

Would you update the app with a status 200 response for this case?

Or kindly support me to do it myself..

Thanks in advance

wagnerdelima commented 3 years ago

Sorry for the late reply. I will look into this a bit later next week if I can. I am extremely busy with work right now.

ecakashjadhav commented 2 years ago

same issue

wagnerdelima commented 2 years ago

@MidoCobra and @ecakashjadhav, did you manage to overcome this?

ecakashjadhav commented 2 years ago

@wagnerdelima No. I used another library. Thanks

ecakashjadhav commented 2 years ago

@wagnerdelima Can you add documentation for signing in with Apple? Because the python-social-auth documentation for Apple is not clear.

wagnerdelima commented 2 years ago

Hi @ecakashjadhav,

I will work on this in the future, promise. However, as of now, I believe the framework needs attention in other areas. I know, python-social-auth sometimes does not support a few backends, so there is no way around that.

ecakashjadhav commented 2 years ago

@wagnerdelima Thanks for quick response

wagnerdelima commented 2 years ago

@ecakashjadhav my pleasure.

wagnerdelima commented 2 years ago

@ecakashjadhav how exactly do I replicate this issue in my local environment?

ecakashjadhav commented 2 years ago

Create a user with a simple email and password. Then, using that same email, try to sign in with Facebook.

MidoCobra commented 2 years ago

> @MidoCobra and @ecakashjadhav, did you manage to overcome this?

Sorry for being away for a long time... Actually I did not, as the project stopped... but it is still published .. you may try to register on it to figure the problem and test it for further improvement for your great project.. www.marchpart.com

Thanks a lot

wagnerdelima commented 2 years ago

Thank you!

fahedmahidi commented 1 year ago

Where are we on this issue ? Actually several other users (including myself) are having this issue.

Several opened tickets are mentioning it, namely : #131 and #147

in #131 you might find the beginning of an answer, or a clue about what is going wrong :

"So I went into drf_social_oauth2/views/ConvertTokenView.post() to manually remove the PS1 header from the response headers and it works fine. I know this isn't ideal so I'd like suggestions for a better way. If this is a bug on the module, please get it fixed."

All the best !

wagnerdelima commented 1 year ago

I am closing this issue. You can handle password-based authentication in your backend. It's not drf-social-oauth's responsibility to deal with it, since it already deals with multiple social backends' sign-in.

ecakashjadhav commented 1 year ago

@wagnerdelima Thanks!

bilal-nexquery commented 1 year ago

Same issue!! Is the issue resolved yet? If we have a custom user of same email which we are trying to login with social accounts. /convert-token throws an error of [Auth/convert-token returns 500 internal server error when email is already registered.]

wagnerdelima commented 1 year ago

@MidoCobra @ecakashjadhav @fahedmahidi @bilal-nexquery,

If you have a custom user you will need to handle the duplicate email address on your backend. drf-social-oauth2 does not save the email address. Here is one example:

  1. I created one user in my django admin with my personal email address.
  2. I fired a request to google and to facebook backends via /convert-token endpoint.
  3. All requests are successful.

image

As you can see, the email field is empty:

image

Let me know if there is another way to replicate this.

bilal-nexquery commented 1 year ago

@wagnerdelima Thanks for your time and efforts. I believe this will still throw an error if you have (username field as email) in your CustomUser model. This is because if you register a user using an email registered with your social account first and then send a request to convert/token, it will throw an error, as it will try to save the user with an email address already present in your db, and being a unique field, it will return with an error. I am also personally looking into this issue and will update if any solution is found.
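
The failure mode described in this thread (a social sign-in inserting a user whose email already sits in a unique column), reproduced as an added example that is not code from drf-social-oauth2 or from any commenter. It uses the standard-library `sqlite3` instead of Django; the schema, the function names, the `email_verified` flag and the status codes are all assumptions made for illustration.

```python
import sqlite3

def make_db():
    # Constructed schema: users.email is UNIQUE, like a CustomUser model
    # that uses the email address as its username field.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT UNIQUE NOT NULL)")
    db.execute("CREATE TABLE social_links (user_id INTEGER NOT NULL, "
               "provider TEXT NOT NULL, uid TEXT NOT NULL, UNIQUE (provider, uid))")
    return db

def naive_social_signup(db, provider, uid, email):
    # Always inserts a new user: raises sqlite3.IntegrityError on a known
    # email, which an unprepared view surfaces as a 500.
    cur = db.execute("INSERT INTO users (email) VALUES (?)", (email,))
    db.execute("INSERT INTO social_links VALUES (?, ?, ?)", (cur.lastrowid, provider, uid))
    return cur.lastrowid

def safe_social_signup(db, provider, uid, email, email_verified):
    # Hypothetical handler: returns (status, body) instead of raising.
    email = email.strip().lower()
    try:
        with db:  # commit on success, roll back on error
            link = db.execute(
                "SELECT user_id FROM social_links WHERE provider = ? AND uid = ?",
                (provider, uid)).fetchone()
            if link:  # returning social user, nothing to create
                return 200, {"user_id": link[0]}
            row = db.execute("SELECT id FROM users WHERE email = ?", (email,)).fetchone()
            if row is None:  # email unused: create user and link together
                return 201, {"user_id": naive_social_signup(db, provider, uid, email)}
            if not email_verified:
                # Do not attach a social identity to an existing account on
                # an email claim the provider has not verified.
                return 409, {"error": "email_already_registered"}
            db.execute("INSERT INTO social_links VALUES (?, ?, ?)", (row[0], provider, uid))
            return 200, {"user_id": row[0]}
    except sqlite3.IntegrityError:
        # A concurrent sign-up took the same email or uid first.
        return 409, {"error": "email_already_registered"}
```
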