MyFinances icon indicating copy to clipboard operation
MyFinances copied to clipboard
verified publisher icon TreyWW

bug: Setup process allows you to create more than one superuser with the same email.

Open James-Makela opened this issue 1 year ago • 3 comments

What version of MyFinances are you currently using?

latest

What device type are you currently facing the issue on?

Desktop

Describe the bug

Steps:

  1. Clone repo
  2. Follow set up instructions at https://docs.myfinances.cloud/getting-started/installation/#setup-the-backend-django
  3. At step 5, create a superuser, do this twice, with the same email, but different username
  4. Complete the setup
  5. Run the server and try to log in

At this point the log in fails with the following error:

File "/Users/james/repos/MyFinances/venv/lib/python3.11/site-packages/django/db/models/query.py", line 652, in get
    raise self.model.MultipleObjectsReturned(
backend.models.User.MultipleObjectsReturned: get() returned more than one User -- it returned 2!

I have tested this process a few times, the program seems to only check for a duplicate user name when creating a superuser, however allows you to create a new user with a different username, and the same email. This causes log in to fail, as log in appears to check for email, then throws an error when it finds two accounts with the same email.

I assume the same protection that is in place to check for a duplicate username could be utilized to also check for a duplicate email address.

James-Makela avatar May 08 '24 05:05 James-Makela

Amazing, thank you for the bug report! I'll get in this later, thanks :)

TreyWW avatar May 08 '24 05:05 TreyWW

No worries. I would be keen to tackle this one over the weekend if I could please be assigned?

James-Makela avatar May 08 '24 05:05 James-Makela