Check the user according to email before creating an external user.

Resolve #9519
4 years ago · a46351ca41
parent 0bdfdfa3a8
commit a46351ca41
1 changed files with 16 additions and 16 deletions
--- a/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Login.cshtml.cs
+++ b/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Login.cshtml.cs
@ -216,7 +216,7 @@ namespace Volo.Abp.Account.Web.Pages.Account
                Logger.LogWarning($"External login callback error: user is locked out!");
                throw new UserFriendlyException("Cannot proceed because user is locked out!");
            }
-            
+
            if (result.IsNotAllowed)
            {
                Logger.LogWarning($"External login callback error: user is not allowed!");
@ -230,24 +230,29 @@ namespace Volo.Abp.Account.Web.Pages.Account

            //TODO: Handle other cases for result!

-            // Get the information about the user from the external login provider
-            var externalLoginInfo = await SignInManager.GetExternalLoginInfoAsync();
-            if (externalLoginInfo == null)
-            {
-                throw new ApplicationException("Error loading external login information during confirmation.");
-            }
-
-            if (!IsEmailRetrievedFromExternalLogin(externalLoginInfo))
+            var email = loginInfo.Principal.FindFirstValue(AbpClaimTypes.Email);
+            if (email.IsNullOrWhiteSpace())
            {
                return RedirectToPage("./Register", new
                {
                    IsExternalLogin = true,
-                    ExternalLoginAuthSchema = externalLoginInfo.LoginProvider,
+                    ExternalLoginAuthSchema = loginInfo.LoginProvider,
                    ReturnUrl = returnUrl
                });
            }

-            var user = await CreateExternalUserAsync(externalLoginInfo);
+            var user = await UserManager.FindByEmailAsync(email);
+            if (user == null)
+            {
+                user = await CreateExternalUserAsync(loginInfo);
+            }
+            else
+            {
+                if (await UserManager.FindByLoginAsync(loginInfo.LoginProvider, loginInfo.ProviderKey) == null)
+                {
+                    CheckIdentityErrors(await UserManager.AddLoginAsync(user, loginInfo));
+                }
+            }

            await SignInManager.SignInAsync(user, false);

@ -261,11 +266,6 @@ namespace Volo.Abp.Account.Web.Pages.Account
            return RedirectSafely(returnUrl, returnUrlHash);
        }

-        private static bool IsEmailRetrievedFromExternalLogin(ExternalLoginInfo externalLoginInfo)
-        {
-            return externalLoginInfo.Principal.FindFirstValue(AbpClaimTypes.Email) != null;
-        }
-
        protected virtual async Task<IdentityUser> CreateExternalUserAsync(ExternalLoginInfo info)
        {
            await IdentityOptions.SetAsync();