Create the user before logging it in

core/admin/mailu/sso/views/base.py

@@ -94,10 +94,10 @@ def proxy(target='webmail'):
         return flask.abort(500, 'Too many users in (domain=%s)' % domain)
     user = models.User(localpart=localpart, domain=domain)
     user.set_password(secrets.token_urlsafe())
-    flask.session.regenerate()
-    flask_login.login_user(user)
     models.db.session.add(user)
     models.db.session.commit()
+    flask.session.regenerate()
+    flask_login.login_user(user)
     user.send_welcome()
     flask.current_app.logger.info(f'Login succeeded by proxy created user: {user} from {client_ip} through {flask.request.remote_addr}.')
     return flask.redirect(app.config['WEB_ADMIN'] if target=='admin' else app.config['WEB_WEBMAIL'])