Merge pull request #28 from zee93/master

Handle HttpResponses returned by the pipeline
st4lk · Jul 6, 2016 · 41bf6a8 · 41bf6a8
2 parents 7ae6986 + c0faddd
commit 41bf6a8
Show file tree

Hide file tree

Showing 4 changed files with 21 additions and 1 deletion.
diff --git a/example_project/config/settings.py b/example_project/config/settings.py
@@ -132,6 +132,7 @@
     'social.pipeline.social_auth.social_details',
     'social.pipeline.social_auth.social_uid',
     'social.pipeline.social_auth.auth_allowed',
+    'users.social_pipeline.check_for_email',
     'social.pipeline.social_auth.social_user',
     'social.pipeline.user.get_username',
     'social.pipeline.user.create_user',

diff --git a/example_project/users/social_pipeline.py b/example_project/users/social_pipeline.py
@@ -1,4 +1,5 @@
 import hashlib
+from rest_framework.response import Response
 
 
 def auto_logout(*args, **kwargs):
@@ -27,3 +28,8 @@ def save_avatar(strategy, details, user=None, *args, **kwargs):
         if social_thumb and user.social_thumb != social_thumb:
             user.social_thumb = social_thumb
             strategy.storage.user.changed(user)
+
+
+def check_for_email(backend, uid, user=None, *args, **kwargs):
+    if not kwargs['details'].get('email'):
+        return Response({'error': "Email wasn't provided by facebook"}, status=400)
diff --git a/rest_social_auth/views.py b/rest_social_auth/views.py
@@ -16,14 +16,14 @@
 from social.strategies.utils import get_strategy
 from social.utils import user_is_authenticated, parse_qs
 from social.apps.django_app.views import _do_login as social_auth_login
+from django.http import HttpResponse
 from social.exceptions import AuthException
 from rest_framework.generics import GenericAPIView
 from rest_framework.response import Response
 from rest_framework import status
 from rest_framework.authentication import TokenAuthentication
 from rest_framework.permissions import AllowAny
 from requests.exceptions import HTTPError
-
 from .serializers import (OAuth2InputSerializer, OAuth1InputSerializer, UserSerializer,
     TokenSerializer, UserTokenSerializer, JWTSerializer, UserJWTSerializer)
 
@@ -110,6 +110,8 @@ def post(self, request, *args, **kwargs):
             user = self.get_object()
         except (AuthException, HTTPError) as e:
             return self.respond_error(e)
+        if isinstance(user, HttpResponse):  # An error happened and pipeline returned HttpResponse instead of user
+            return user
         resp_data = self.get_serializer(instance=user)
         self.do_login(request.backend, user)
         return Response(resp_data.data)

diff --git a/tests/test_social.py b/tests/test_social.py
@@ -328,6 +328,17 @@ def test_login_social_session_model_permission(self, m_permission_classes):
             reverse('login_social_session'),
             {'provider': 'facebook', 'code': '3D52VoM1uiw94a1ETnGvYlCw'})
 
+    def test_user_login_with_no_email(self):
+        user_data_body = json.loads(self.user_data_body)
+        user_data_body['email'] = ''
+        self.user_data_body = json.dumps(user_data_body)
+        self.do_rest_login()
+        resp = self.client.post(
+            reverse('login_social_token'), data={'provider': 'facebook', 'code': '3D52VoM1uiw94a1ETnGvYlCw'}
+        )
+        self.assertEqual(resp.status_code, 400)
+        self.assertIn('error', resp.data)
+
 
 class TestSocialAuth2Error(APITestCase, BaseFacebookAPITestCase):
     access_token_status = 400