Hi,
I'm finally playing with dsa authentication allowing a user to
authenticate with several social services. Of course, when I try to
associate a django account to a service which is already in use by
another django account, AuthException is thrown:
AuthException at /complete/dropbox/
This dropbox account is already in use.
Request Method: GET
Request URL:
http://mydomain.tld/complete/dropbox/?uid=84703928&oauth_token=1uqdesv8hkd8bx5
Django Version: 1.4
Exception Type: AuthException
Exception Value: This dropbox account is already in use.
Exception Location: build/bdist.linux-armv5tel/egg/social_auth/backends/pipeline/social.py
in social_auth_user, line 27
Python Executable: /usr/bin/python
Python Version: 2.6.2
Question 1: Where do I catch this exception? -- The traceback shows a
route which does not reach my django code; execution terminates at
social_auth/backends/pipeline/social.py
Googling for this you find a hint saying to modify the authentication
pipeline and create your own version of a related function [1]. Is
this the way to go?
[1]
http://stackoverflow.com/questions/10294657/how-to-use-social-auth-process-exceptions-setting
Question 2: This is more workflow / user experience /security related:
What would you offer to the user in such a case?
a) Tell them which account already uses that social service, and
offer to switch to that account?
b) Tell them which account already uses that social service, and
offer them to merge the two accounts? (with the active one being the
master of the merger)
c) Tell them that there is an account using the service, but not
disclosing more information about it?
Thanks for any thoughts and ideas,
Peter