Allow user to remove one of their oauth authentication methods so they can replace the other one?

Open compwron opened this issue 6 years ago • 2 comments

If a user authenticates with google account A and then later wants to replace it with google account B, there is no self-service way to do so (and it's not super clear how an admin can do it either). Provide an "unlink" button on a user's page so they can unlink one of their auth methods so they can add another one of the same type (but don't allow unlinking both methods... or we are going to have to do a lot of account recovery work!)

compwron, Jul 03 '19 02:07

I successfully deleted my own google auth

me = User.find(my_user_id)
me.authentications.count
me_google_auth = me.authentications.find_by(provider: 'google_oauth2')
me_google_auth.delete

And then logged in with my github and added my own google auth back in. So I think that this is very doable to add a button for a DU member to self-serve this.

As I discussed briefly with another member, if someone locks themself entirely out (i.e. has just a google account and then loses access to it) the only 2 ways that come to mind to get them back into the app are: 1. have them make a new account and then use prod console to associate that new auth with their old account or 2. have them make a new applicant account and then open applications, accept them, and close applications (i.e. a fake application cycle). So, we should make a button :)

compwron, Jul 03 '19 03:07

It would also be good to allow multiple google accounts to auth- this issue is happening again, where a new member no longer has access(?) to the account they used to create their membership application. Reference: private emails KtbxLvgsvRmvpwPrGPGFLLpnhkMcwpVHjB FMfcgxwChmJTwpfsRxgRDPnWjHMcpGKg

compwron, Aug 09 '19 17:08
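
The unlink rule requested in this issue, as an added plain-Ruby sketch (not code from the arooo repository): a user may remove only their own auth method, and never their last one, with the count checked under a lock so two simultaneous unlink requests cannot both succeed. The `AuthStore` class, the error classes and the sample rows are hypothetical stand-ins for the app's `User`/`authentications` records.

```ruby
# Added illustration; not arooo's code. Constructed in-memory stand-in
# for the authentications table (id, user_id, provider, uid).
Authentication = Struct.new(:id, :user_id, :provider, :uid)

class LastAuthMethodError < StandardError; end
class NotOwnerError < StandardError; end

class AuthStore
  def initialize(rows)
    @rows = rows
    @lock = Mutex.new # stands in for a database row lock on the user
  end

  def for_user(user_id)
    @rows.select { |a| a.user_id == user_id }
  end

  # Unlink one auth method on behalf of the logged-in user.
  def unlink(current_user_id, auth_id)
    @lock.synchronize do
      auth = @rows.find { |a| a.id == auth_id }
      # Ownership check: the id comes from the request, so verify it
      # belongs to the session's user before touching it.
      unless auth && auth.user_id == current_user_id
        raise NotOwnerError, "authentication does not belong to this user"
      end
      # Count inside the lock: otherwise two concurrent unlinks could
      # each see two methods and together remove both (full lockout).
      if for_user(current_user_id).size <= 1
        raise LastAuthMethodError, "cannot unlink the only login method"
      end
      @rows.delete(auth)
      auth
    end
  end
end

# Constructed sample data: user 10 has google + github, user 11 has github.
def demo_store
  AuthStore.new([
    Authentication.new(1, 10, "google_oauth2", "google-A"),
    Authentication.new(2, 10, "github", "gh-10"),
    Authentication.new(3, 11, "github", "gh-11"),
  ])
end
```

In a Rails app the `Mutex` would correspond to a row lock such as ActiveRecord's `with_lock` on the user record, wrapped around the same count-then-delete sequence.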