Allow to link a provider account (facebook, twitter, etc.) when the user is logged.

[willywg]

Currently links a provider account when creating a user from an external provider. This is fine for a first user registration. But if I already created an account from Facebook, and I need to link my Twitter account I can not.

This is useful because it allows the user to link your other accounts. And then I could login from any of them.

[iterion]

I'd like this feature as well. I'll take a stab at implementation.

[wmerrell]

I also think that this would benefit from some redesign. Right now, each account is a separate account. If you log in with a password, or via Facebook, or via Twitter, its three separate accounts. A way to link them, or to provide alternate logins for the same account would be better.

Also, under the current method an additional table is used. This is annoying because the method only involves two fields which are currently on a one to one relationship with the user account. (That is the authentications table stores two fields for each record and each record relates to one and only one user record.) It would be more convenient to have that information directly in the user record.

[iterion]

However, if you move to a multiple oauth type system per user then the extra table is necessary, as it is then one user to many third-party accounts.

I was thinking of maintaining the table structure and providing a method to 'link' an account. I've started on it, and it works. But, I still need to add tests, etc.

[wmerrell]

I was wondering whether anyone was working on this still? iterion, you said you had it working, is it ready for release?

[aL3xa]

I'm also interested in this one. It seems like a simple one, but it's a bit trickier once you get to tweak it. Any feedbacks? @iterion, can you please put some stuff on Gist or smth?

[iterion]

Other projects have taken my focus away from this for the time being, nothing worth sharing yet.

I'm trying to decide how to best fit it in with Sorcery's API. I think I'll add the method: link_from(provider) Which requires you to check if a user is logged in.

I also am thinking about

login_or_link_from(provider)

Which would handle those checks for you.

Thoughts?

I'll try to do more with it today and get something up for everyone.

[aL3xa]

@iterion login_or_link_from sounds great! Can't wait to see it in action.

[iterion]

Cool, I was also thinking about just changing login_from to use the above behavior. I don't think this would create any conflicts.

[aL3xa]

Yeah, and I don't think that users could link an account without logging in. =)

[iterion]

https://github.com/iterion/sorcery/commit/281b826d14d7ba41792ba6da8ed80b2f3274aef5

Take a look guys, let me know how things look for you. Haven't added tests yet.

[aL3xa]

@iterion this looks cool! It would be nice though, if you could add methods to list/unlink added accounts. Not that it's a huge deal, but still... you should be able to safely remove attached account(s). =)

[safarista]

On this same note: Is there anything special I need to do to implement Google's OpenID auth? I see in the README a note that only Twitter and Facebook are done. I was just wondering if there is anything special about Google Accounts.

[aL3xa]

@safarista, nothing special... AFAICT, it's fairly easy to obtain key, and you can even test it via playground. But you may want to use up-to-date sorcery provided by @NoamB, since it supports multiple providers now.

[joshbuker]

Necropost, but being able to use multiple auth sources is important to my current use-case for sorcery. What's the current status on this?

[Ch4s3]

@athix no clue. Looks dead, but if you want to put in a PR I'll have a look.