Fix a crash during login when user's profile does not exist

Fixes: #77

CHANGELOG.md

@@ -6,6 +6,7 @@ All notable changes to this project will be documented in this file.
 ### Bug Fixes
 - Add handling for non-latin-1 characters in webhook headers
 - Fix dark mode bug in selectpicker widgets
+- Fix a crash during login when user's profile does not exist (#77)
 
 ## v1.22.0 - 2020-08-06
 

hc/accounts/tests/test_login.py

@@ -171,3 +171,11 @@ class LoginTestCase(BaseTestCase):
         # Instead, it should set 2fa_user_id in the session
         user_id, email, valid_until = self.client.session["2fa_user"]
         self.assertEqual(user_id, self.alice.id)
+
+    def test_it_handles_missing_profile(self):
+        self.profile.delete()
+
+        form = {"action": "login", "email": "[email protected]", "password": "password"}
+
+        r = self.client.post("/accounts/login/", form)
+        self.assertRedirects(r, self.checks_url)

hc/accounts/views.py

@@ -115,7 +115,8 @@ def _redirect_after_login(request):
 
 def _check_2fa(request, user):
     have_keys = user.credentials.exists()
-    if have_keys or user.profile.totp:
+    profile = Profile.objects.for_user(user)
+    if have_keys or profile.totp:
         # We have verified user's password or token, and now must
         # verify their security key. We store the following in user's session:
         # - user.id, to look up the user in the login_webauthn view