pre_social_login adapter cannot abort if Google social account's email matches user's email about django-allauth HOT 3 CLOSED

I don't fully grasp the question. What do you mean by "abort the connection" ?

from django-allauth.

For example, I create an account with the email [email protected] and sign in. Then I go to the accounts/social/connections to connect a Google Social Account.

A. If I choose a Google Account with a different email ([email protected]), the pre_social_login happens before the add signal, meaning that if I raise an ImmediateHttpResponse in the pre_social_login, the social account won't be added and connected to the account.
B. A. If I choose the Google Account with the same email ([email protected]), the social_account_added signal is emitted before the pre_social_login. That means even I raise the ImmediateHttpResponse in pre_social_login, the social_account is already connected to my account.

from django-allauth.

What you describe above only happens when you have turned email authentication on (off by default). When you have it turned on, at step B account the social login with email [email protected] is not treated as a new to be added account -- because of email authentication, the sociallogin having [email protected] is treated as a login to the already existing account, and because you also have SOCIALACCOUNT_EMAIL_AUTHENTICATION_AUTO_CONNECT an implicit add takes place during this step. So, this indeed to be expected.

You could override the can_authenticate_by_email() adapter method if you want to intervene earlier -- before the email authentication takes place.

from django-allauth.