fix(filestore): ensure user does not exist before renewing login

Author: mwfarb

users/filestore.py

@@ -226,7 +226,6 @@ def set_filestore_pass(user: User):
     except (requests.exceptions.ConnectionError, requests.exceptions.HTTPError) as err:
         print(err)
         return False
-    print(r_users.text)
     for r_user in json.loads(r_users.text):
         if r_user["username"] == user.username:
             edit_user = r_user
@@ -251,6 +250,25 @@ def set_filestore_pass(user: User):
     return fs_user_token
 
 
+def is_filestore_user(user: User):
+    verify, host = get_rest_host()
+    admin_login = get_admin_login()
+    admin_token, status = get_filestore_token(admin_login, host, verify)
+    # find user, loop through all
+    try:
+        r_users = requests.get(f"https://{host}/storemng/api/users",
+                               headers={"X-Auth": admin_token}, verify=verify, timeout=FS_API_TIMEOUT)
+        r_users.raise_for_status()
+    except (requests.exceptions.ConnectionError, requests.exceptions.HTTPError) as err:
+        print(err)
+        return False
+    for r_user in json.loads(r_users.text):
+        if r_user["username"] == user.username:
+            return True
+
+    return False
+
+
 def delete_filestore_user(user: User):
     """ Uses the filebrowser api to delete the user.username's filebrowser account and files.
 

users/views.py

@@ -25,8 +25,8 @@
 from rest_framework.schemas import AutoSchema
 
 from .filestore import (add_filestore_auth, delete_filestore_user,
-                        set_filestore_pass, set_filestore_scope,
-                        use_filestore_auth)
+                        is_filestore_user, set_filestore_pass,
+                        set_filestore_scope, use_filestore_auth)
 from .forms import (DeviceForm, SceneForm, SocialSignupForm, UpdateDeviceForm,
                     UpdateSceneForm, UpdateStaffForm)
 from .models import Device, Scene
@@ -614,10 +614,11 @@ def storelogin(request):
     fs_user_token = None
     if user.is_authenticated:
         # try user auth
-        fs_user_token, status = use_filestore_auth(user)
-        if status == 403:  # if django allauth pass updated by oauth, update pass
-            fs_user_token = set_filestore_pass(user)
-        if not fs_user_token:
+        if is_filestore_user(user):
+            fs_user_token, status = use_filestore_auth(user)
+            if status == 403:  # if django allauth pass updated by oauth, update pass
+                fs_user_token = set_filestore_pass(user)
+        elif not fs_user_token:
             # otherwise user needs to be added
             fs_user_token = add_filestore_auth(user)