New DingDing user phone_exists check 302

Problem to solve

New User scans QR code from DingDing to signup ( this will auto-create a new user in GitLab with a temp_oauth_email which is like temp-email-for-oauth-uname@gitlab.localhost ), then redirect to terms page(/-/users/terms). When typing the phone number, and the phone existing check API (/users/:number/phone_exists) will return 302 instead of 200

Proposal

See https://gitlab.com/gitlab-jh/gitlab/-/blob/main-jh/app/controllers/application_controller.rb#L36

  before_action :require_email, unless: :devise_controller?

Since every request in Gitlab will check the existence of non-temp email, and see https://gitlab.com/gitlab-jh/gitlab/-/blob/main-jh/app/controllers/application_controller.rb#L383

  def require_email
    if current_user && current_user.temp_oauth_email? && session[:impersonator_id].nil?
      redirect_to profile_path, notice: _('Please complete your profile with email address')
    end
  end

this will redirect to profile page and return code of 302 to enforce updating the real and valid email. and phone_exists action is not excluded, so we need to skip the filter before phone existence check.

CC @qianzhangxa @icbd

由 Qian Zhang (Gary) 编辑于 11月 23, 2021