payload-plugin-oauth icon indicating copy to clipboard operation
payload-plugin-oauth copied to clipboard
verified publisher icon thgh

Cannot sign in if local user already exists

Open tyteen4a03 opened this issue 2 years ago • 3 comments

I cannot sign into my account if a local account with that email already exists, as it will throw The following fields contain error: emails. Can this be fixed?

tyteen4a03 avatar Oct 16 '23 23:10 tyteen4a03

Should it sign in as the existing user?

Option 1: set the subField: { name: 'email' } to use email as unique user id.

Option 2: use the userinfo option to update the sub field of the matching user before returning the userinfo.

thgh avatar Oct 17 '23 19:10 thgh

Should it sign in as the existing user?

For us, yes, as we do not allow local user registrations. For other applications out there, likely not without additional security checks.

Option 2: use the userinfo option to update the sub field of the matching user before returning the userinfo.

What do you mean in Option 2? We already return the sub field value.

tyteen4a03 avatar Oct 18 '23 22:10 tyteen4a03

Well, it's good to return it, but if there is no user with that sub, a user will be created. If this is not what you want, you should make sure there is a user with that sub.

userinfo() {
  const sub = ...
  const email = ...
  // pseudo code
  const exists = payload.find({ collection: "users", where: email equals email })
  if (exists.sub !== sub) payload.update(... exists.id ... { sub })
  return { sub, email }
}

thgh avatar Oct 19 '23 12:10 thgh