From 8a2558c2da414443f75cd81391dabafec37cc681 Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne <bdauvergne@entrouvert.com>
Date: Sun, 10 Apr 2016 15:33:38 +0200
Subject: [PATCH] views: wrap login view in non_atomic_requests to allow fine
 control of transactions' commit (fixes #10604)

---
 mellon/views.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/mellon/views.py b/mellon/views.py
index 9e2eb98..e4425d4 100644
--- a/mellon/views.py
+++ b/mellon/views.py
@@ -12,6 +12,7 @@ from django.views.decorators.csrf import csrf_exempt
 from django.shortcuts import render, resolve_url
 from django.utils.http import urlencode
 from django.contrib.auth import REDIRECT_FIELD_NAME
+from django.db import transaction
 
 from . import app_settings, utils
 
@@ -346,7 +347,8 @@ class LoginView(ProfileMixin, LogMixin, View):
         self.log.debug('to url %r', login.msgUrl)
         return HttpResponseRedirect(login.msgUrl)
 
-login = csrf_exempt(LoginView.as_view())
+# we need fine control of transactions to prevent double user creations
+login = transaction.non_atomic_requests(csrf_exempt(LoginView.as_view()))
 
 
 class LogoutView(ProfileMixin, LogMixin, View):