-
-
Notifications
You must be signed in to change notification settings - Fork 444
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: issue with PhoneDevice being imported when not enabled #648
fix: issue with PhoneDevice being imported when not enabled #648
Conversation
0a8d128
to
c480de6
Compare
c480de6
to
a51ed39
Compare
Ideally, if we could have a test to avoid any regression, it would be great. The test might be more difficult to write than the fix 😓 |
…without phonenumber plugin enabled
…bility-tests Add tests and compatibility fixes
@claudep updated to add tests for with/without the phonenumber plugin enabled. |
Codecov Report
@@ Coverage Diff @@
## master #648 +/- ##
==========================================
+ Coverage 95.38% 95.44% +0.05%
==========================================
Files 75 76 +1
Lines 3252 3293 +41
Branches 372 264 -108
==========================================
+ Hits 3102 3143 +41
Misses 119 119
Partials 31 31
📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
I'm not convinced this will be sufficient, because you still import |
It's working because the We did consider adding the import inside the block which only runs when Edit: I see what you mean now - that's not the problem that this PR seeks to fix, it's simply fixing that |
Ah, thanks for the clarification. |
Description
Crash was being caused by assuming
phonenumbers
was being used, even when not enabled. This PR checks to see if the library is included, for backwards compatibility, before including it.Motivation and Context
When you view the 2FA "profile" page, it calls
backup_phones()
directly from the phone plugin, which causes afrom .models import PhoneDevice
This then means that the
PhoneDevice
model is known to django's model registry and it gets associated with thetwo_factor
rather thantwo_factor.plugins.phonenumber
.It does not cause a problem right after because the
PhoneDevice
sits on the end of the list of available models for checking to see if a user has 2FA.Later on though in device_classes, when you look at a user with no 2FA methods it crashes because it tries to look up data on that non-existent table.
In short: After the first call to
backup_phones()
, the django process then erroneously has PhoneDevice in it's model registry. After that,django_otp.device_classes
picks upPhoneDevice
as one of the available options and any timedevices_for_user
is called, we see the error.Open Issues
https://stackoverflow.com/questions/73104958/no-such-table-two-factor-phonedevice-when-using-django-two-factor-auth-1-14-0
How Has This Been Tested?
Tested accessing profile page without phone number 2FA enabled.
Screenshots (if appropriate):
Types of changes
Checklist: