Google Oauth request email

The current openauth implementation in deps/django_authopenid does try to request email and nickname, but it isn't the correct way to tickle google if you want to retrieve the user's email.

I've submitted a patch that does two things:

  • correctly requests from google the email so the user doesn't need to confirm it when returning from openid
  • Checks the google returned email address against other addresses in the database and then sets the current logged in user as that matching user (if one already exists). This was because I found that google provides a different openid hash for the same user for different websites. Our website changed hostname, and users were unable to log into their old accounts because the openid hash google returned changed.

https://github.com/jtrain/askbot-devel/commit/8898ddf36a457306ebffb6891429830df0827de5

Jtrain's avatar
293
Jtrain
asked 2012-08-19 12:52:51 -0600
edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments