Invites keep getting error "not_matching_email"

EGreg · August 16, 2022, 9:18pm

You can reproduce this bug yourself. I send out invites on a forum, and they arrive with a link like this:

You click the link, and see:

So far, so good. But then when I click Continue, I get:

I googled it and saw the only mention is in github language files for the repo. Looking up the key, I found this is the relevant code:

github.com

discourse/discourse/blob/d600c36036c5c3b53787067682128ae2d86311bf/app/models/invite_redeemer.rb#L104


      
            existing_user = get_existing_user
          
          
  if existing_user.present? && InvitedUser.exists?(user_id: existing_user.id, invite_id: invite.id)
              return false
            end
          
          
  true
          end
          
          
def validate_invite_email!
            return if email.blank?
          
          
  if invite.email.present? && email.downcase != invite.email.downcase
              raise ActiveRecord::RecordNotSaved.new(I18n.t('invite.not_matching_email'))
            end
          
          
  if invite.domain.present?
              username, domain = email.split('@')
          
          
    if domain.present? && invite.domain != domain
                raise ActiveRecord::RecordNotSaved.new(I18n.t('invite.domain_not_allowed'))

Somehow “email” is not empty, even though I am not logged in (try it yourself, in an incognito window). So where does “email” come from, in the code? Perhaps someone here would know.

Falco · August 16, 2022, 9:26pm

Is the site setting normalize_emails enabled on this site?

pfaffman · August 16, 2022, 9:34pm

And is DiscourseConnect still active on this site?

I thought that you couldn’t create invites if SSO was turned on. Did that get changed in that recent update to invites, @Falco ?

EGreg · August 16, 2022, 9:51pm

I tried it with regular emails too like foo@bar.com without +

Stephen · August 17, 2022, 12:37am

I think your site has a bigger problem. If I click to log in I am automatically signed in as this user:

Invites shouldn’t be possible with SSO, and your external auth is letting users straight into the site. In that case the email is probably invalid because it’s comparing the email in the invite to the user above?

pfaffman · August 17, 2022, 12:42am

That’s it. The user is hard coded in the SSO code to test things so anyone who goes there is logged in as that user. So things see broken.

I’m still confused how you can send invites when sso is enabled.

system · January 18, 2023, 1:47pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
User following invitation link is not visible in Admin/Users due to SSO Support	10	1163	June 1, 2021
DiscourseConnect SSO error WordPress	3	640	August 9, 2021
Unable to save invite when email address field is filled in Bug invites	4	685	March 24, 2023
Email invites, can't click send invite button on certain categories Support	9	1349	July 14, 2016
Invite links (Accept Invitation Button) with SSO not working for stable v2.8.10 Bug sso , invites	25	2012	July 14, 2023

Invites keep getting error "not_matching_email"

Related topics