New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Email validation needs an email parameter (docs) #577
Comments
What's the vague exception? |
Exception Type: AuthMissingParameter This exception is raised when we validate email within different session.
|
If that's the error, it won't only fail the validation because email is "missing", it will also break the whole authentication process since the pipeline information is empty, the whole authentication process will fail. |
@omab The whole authentication process is not fail - it will start as new login/register process... |
@omab as @maxsocl mention above I don't think the current implementation is how most users expect things to work. There should not be a dependency on the session for the mail validation partial. There is no guarantee the user will continue the process using the same device or even browser. Any state information should be retrievable from the validation link and not depend on the session. |
@omab @craig-hacklaunch |
@maxsocl, @craig-hacklaunch, I see the problem now, and even if I think that this could be solved with a re-write of the email validation pipeline, this affects all the pipeline functions that use the partial mechanism, so, I'm already working on a restructure of the pipeline serialization functionality that will improve this behavior. Basically the pipeline data will be dumped to a DB table and a hash code will be used to identify the processes which can be stopped and continue later, removing the dependency of the session. |
@omab thanks for your contribution to the community :). Your fix sounds like a good approach, I guess this will fix the problem for all partial pipelines that were using the session to dump their data to before. |
@omab it is a good news for everyone 😄 thank you for contribution! |
@omab Is it fixed now ? @maxsocl Can you please share the solution/fork you are using. I was using this https://gist.github.com/SaneMethod/b30156a3705ce9e944cd#file-django-python-social-auth-monkey-py till now , but it fails if session_key gets deleted/changed in the database. Django updates session_key each time the session data changes. So in case any other user logs in the same browser the session_key gets changed and user can't verify with the email link. |
Any updates for MissingParameterEmail? |
@dmaze your fix still gives me:
|
The documentation recommends creating a completion URL for email validation with
but you get a vague exception if the link isn't clicked within the same session. Adding an email query parameter fixes this. My working code looks like
The text was updated successfully, but these errors were encountered: