diff --git a/spec/ParseUser.spec.js b/spec/ParseUser.spec.js index e97db08a6c..9d3645c1a1 100644 --- a/spec/ParseUser.spec.js +++ b/spec/ParseUser.spec.js @@ -1262,6 +1262,29 @@ describe('Parse.User testing', () => { done(); }); + fit('log in with Facebook and save signed up User with verifyUserEmails=true and preventLoginWithUnverifiedEmail=true', async () => { + const provider = getMockFacebookProvider(); + const emailAdapter = { + sendPasswordResetEmail: () => Promise.resolve(), + sendMail: () => Promise.resolve(), + }; + await reconfigureServer({ + appName: 'ExampleApp', + verifyUserEmails: true, + preventLoginWithUnverifiedEmail: true, + emailAdapter: { + module: emailAdapter, + }, + publicServerURL: 'http://localhost:8378/1', + }); + + Parse.User._registerAuthenticationProvider(provider); + const user = await Parse.User.logInWith('facebook', {authData: provider.authData}); + expect(user.getSessionToken()).toBeDefined() + user.save() + await expectAsync(user.save()).toBeResolved(); + }); + it('can not set authdata to null', async () => { try { const provider = getMockFacebookProvider(); diff --git a/src/RestWrite.js b/src/RestWrite.js index c2d4e1580c..cbac86e0a0 100644 --- a/src/RestWrite.js +++ b/src/RestWrite.js @@ -527,6 +527,8 @@ RestWrite.prototype.handleAuthData = async function (authData) { const userResult = results[0]; const foundUserIsNotCurrentUser = userId && userResult && userId !== userResult.objectId; + this.storage.authProvider = Object.keys(authData).join(','); + if (results.length > 1 || foundUserIsNotCurrentUser) { // To avoid https://github.com/parse-community/parse-server/security/advisories/GHSA-8w3j-g983-8jh5 // Let's run some validation before throwing @@ -548,7 +550,6 @@ RestWrite.prototype.handleAuthData = async function (authData) { // User found with provided authData if (results.length === 1) { - this.storage.authProvider = Object.keys(authData).join(','); const { hasMutatedAuthData, mutatedAuthData } = Auth.hasMutatedAuthData(