I was originally going to post this to https://www.drupal.org/node/2731955, but as it became a pretty heavy refactor/rewrite, I thought it's own issue might be warranted.

Currently, restricting the login domain does not actually prevent a user from creating a user and logging in with a google account using a different domain address. It also does not prevent a user from logging into Drupal who had created an account before the restriction was put in place.

In the process of fixing this, I came across bugs in the gauth_google_response, find_existing_user, and user_login_submit functions; as well as duplicate code. I went ahead and performed a pretty heavy first-pass refactoring on the code in an effort to clean up and simplify the issues. I'm positive this can be refactored further, as well as moving some of the functions into classes, but I wanted to get this reviewed as soon as possible.

CommentFileSizeAuthor
gauth_login_refactoring.patch12.3 KBgeinosky
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

geinosky created an issue. See original summary.

Anonymous’s picture

Anonymous (not verified) CreditAttribution: Anonymous commented

I need this code any chance this could be included sometime soon?

sadashiv’s picture

sadashiv CreditAttribution: sadashiv commented

I quickly went through the code, I think some part of the code can go in but not all. I think few changes are specific to a site requirement and and not required/generalized.

Thanks,
Sadashiv