You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
run the bare-minimum user registration app more-or-less copied from the tutorial (can make example repo if useful).
send a registration message to server
error raised during sending of confirmation email (because I forgot to enable console email backend)
enable console email backend & restart
send same registration message to server
Expected:
A user is registered and an email is printed to console
Actual:
% http $u/ra/reg/ < res/reg0.json
HTTP/1.1 400 Bad Request
Allow: POST, OPTIONS
Content-Length: 125
Content-Type: application/json
Date: Sun, 04 Mar 2018 17:11:09 GMT
Server: WSGIServer/0.2 CPython/3.6.4
Vary: Accept, Cookie
X-Frame-Options: SAMEORIGIN
{
"email": [
"A user is already registered with this e-mail address."
],
"username": [
"A user with that username already exists."
]
}
In my view, this is a bug, or at least a bad design. This may only be me messing around with this stuff on my laptop, but it's a real issue that could come up in production.
The problem is that the register method (rest_auth.registration.views.RegisterView.perform_create) writes the user and then calls complete_signup, which could error for any number of reasons, including transient errors. If it does, the user might experience the following:
submits signup form
sees "sorry, an error occurred"
tries to signup again
sees "sorry, this email is registered"
tries to login
sees "sorry, this account is disabled"
curses repeatedly, leaves forever
I would suggest something like this:
on entering perform_create we begin a db transaction.
on completing everything successfully, we write the txn, creating the new registration.
if there is an unhandled exception, we roll back the txn (possibly, only if ROLL_BACK_REGISTRATION_ON_ERROR is set).
I made a stab at a PR for this (which I'll submit in a sec). I haven't used django in about 5 years, so it may not be good style.
The text was updated successfully, but these errors were encountered:
I do the following:
Expected:
A user is registered and an email is printed to console
Actual:
In my view, this is a bug, or at least a bad design. This may only be me messing around with this stuff on my laptop, but it's a real issue that could come up in production.
The problem is that the register method (
rest_auth.registration.views.RegisterView.perform_create) writes the user and then callscomplete_signup, which could error for any number of reasons, including transient errors. If it does, the user might experience the following:I would suggest something like this:
perform_createwe begin a db transaction.ROLL_BACK_REGISTRATION_ON_ERRORis set).I made a stab at a PR for this (which I'll submit in a sec). I haven't used django in about 5 years, so it may not be good style.
The text was updated successfully, but these errors were encountered: