Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Password checker field in OAuth Login #3032

Closed
SidharthBansal opened this issue Jul 10, 2018 · 5 comments · Fixed by #3158
Closed

Password checker field in OAuth Login #3032

SidharthBansal opened this issue Jul 10, 2018 · 5 comments · Fixed by #3158
Labels
planning Planning issues! summer-of-code
Milestone
Login/SignUp & OAuth

Comments

@SidharthBansal
Copy link
Member

SidharthBansal commented Jul 10, 2018
edited
Loading

Please describe the problem (or idea)

A user creates an account by the legacy authentication system. The field password_checker is set as zero. Now he tries to login. The username will be taken. We will check if the user having this username has password_checker field as zero. Yes the user has it set as zero we will check if the password matches and logs him in.

Let us define the fields for provider
Facebook 1
Github 2
Google 3
Twitter 4
A new user creates his account using provider. Password checker will be initialised as mentioned above. Then an email is sent to his account to change the password. If the user resets his password then password checker field is set to zero.
Suppose he forgets to change his password. So it will be a non zero field until he resets his password.
Without resetting the password user tries to login with the username and password. He enters wrong password. Then the backend flow will be like follows. We will fetch the user from the username Then we will fetch the password checker field. We see that this is 1 that means the user has created his account via Facebook. So we will notify the user that he has to change his password by going to forget password.

We will set the field of all the existing users in our database as zero.
If the field is zero and a user links his account then the password checker field need not to be changed.

We don't have to do anything with the user tag model here. Just we need to migrate the user model.
Part of #2676
@SidharthBansal SidharthBansal mentioned this issue Jul 10, 2018
Closed
68 tasks
@SidharthBansal SidharthBansal added this to the OAuth Login milestone Jul 10, 2018
@SidharthBansal
Copy link
Member Author

@jywarren can please tell me what is the difference between the ruser and user? Which one do I need to migrate. The schema is as follows
image

image
I will be naming the new field as password checker.

@SidharthBansal
Copy link
Member Author

I think I need to migrate ruser. But I am not sure.

@jywarren
Copy link
Member

That's right, we're trying to get rid of users -- rusers = User, and users = DrupalUser. Thanks!

@SidharthBansal
Copy link
Member Author

Sorry for late reply. I was sleeping at that time.

Ok, I will send the migration of ruser.
Thanks

@jywarren
Copy link
Member

jywarren commented Jul 18, 2018 via email

This was referenced Jul 18, 2018
Closed
Merged
@SidharthBansal SidharthBansal mentioned this issue Jul 31, 2018
Merged
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
planning Planning issues! summer-of-code
Projects
None yet
Milestone
Login/SignUp & OAuth
Development

Successfully merging a pull request may close this issue.

Notifications field added while creating users with omniauth SidharthBansal/plots2
2 participants
@jywarren @SidharthBansal