Google Oauth request email

asked 2012-08-19 12:52:51 -0600

Jtrain's avatar

The current openauth implementation in deps/django_authopenid does try to request email and nickname, but it isn't the correct way to tickle google if you want to retrieve the user's email.

I've submitted a patch that does two things:

  • correctly requests from google the email so the user doesn't need to confirm it when returning from openid
  • Checks the google returned email address against other addresses in the database and then sets the current logged in user as that matching user (if one already exists). This was because I found that google provides a different openid hash for the same user for different websites. Our website changed hostname, and users were unable to log into their old accounts because the openid hash google returned changed.

edit retag flag offensive close merge delete