strip off http/https when checking OpenID logins #1907

kareila opened this Issue Dec 14, 2016 · 0 comments


None yet
2 participants

kareila commented Dec 14, 2016

We've ended up with a situation where someone has two OpenID accounts from the same provider, because one started with https and the other with http. Let's prevent this from happening again.

@kareila kareila self-assigned this Feb 4, 2017

kareila added a commit to kareila/dw-free that referenced this issue Feb 4, 2017

[#1907] also look for http when given https
This works in my testing - if the OpenID account was
originally created with http, we can look up the existing
account with either http or https, instead of creating a
second account when the user switches to https.

Fixes #1907.

@kareila kareila referenced this issue Feb 4, 2017


OpenID fixes #1956

@zorkian zorkian closed this in #1956 Feb 12, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment