Go to tutor-dev. Click Login. Click Sign Up. Enter a fake username/password. Click Register. Click Back. Re-enter password and hit register. Kaboom.

Log:

(rails) Lev::SecurityTransgression (Lev::SecurityTransgression):
(rails)   lib/omniauth/strategies/custom_identity.rb:58:in `registration_phase'
(rails)   lib/omniauth/strategies/custom_identity.rb:46:in `other_phase'
(nginx) [16/Nov/2015:17:46:49 +0000] "POST /auth/identity/register HTTP/1.1" 500 643 "https://accounts-dev.openstax.org/signup" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.86 Safari/537.36"

Things to do:

• fix the underlying issue (probably is a legitimate 500 error / coding bug)
• no email went out to devs -- why?
• I would love for us to no longer have the standard Rails 500 error screen (pasted below), but instead something styled like our sites. (see openstax/tutor-server#632)

I see this problem on tutor-dev but I can't reproduce this locally. After registration, I got to the "Merge Logins" page, then I clicked back, and got to the profile page with a message "Alert: You already have a simple username and password on your account!"

I can reproduce so you can leave this for me if you want...

The issue is here: https://github.com/openstax/accounts/blob/master/app/handlers/identities_register.rb#L28

This line will return false if you are already logged in and have a password... which is probably fine.

Just need to handle the error somewhere maybe?

Oh I see. I'll leave this to you then :)

@Dantemss gets what @Dantemss wants!

Closed by #264