Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New user being created instead of using existing #68

Open
1zun4 opened this issue Aug 3, 2024 · 6 comments
Open

New user being created instead of using existing #68

1zun4 opened this issue Aug 3, 2024 · 6 comments

Comments

@1zun4
Copy link

1zun4 commented Aug 3, 2024
edited
Loading

Hi there,

I am confused on how to set up the plugin to use an existing user based on their email address.

Currently, as soon as I log in with my own OAuth2 Strategy (which comes with the verified email flag set), it still creates another user:
image

I thought it would help to enable Use email as username (overrides previous option) in Preferences, but that did not help either. I also checked Automatically confirm emails when email_verified is true'.

image

I have had a look at the login code and if I am not mistaken it is supposed to do this already, so there seems to be something wrong with it.

nodebb-plugin-sso-oauth2-multiple/library.js

Lines 226 to 229 in 43c7414

// Check for user via email fallback
if (email && email_verified) {
uid = await user.getUidByEmail(payload.email);
}

@julianlam
Copy link
Member

It's a little concerning that a user was created with the same email as an existing user...

Are you able to provide the example profile return from your OAuth2 provider?

@julianlam
Copy link
Member

@1zun4 Can you try v1.4.2?

@1zun4
Copy link
Author

1zun4 commented Aug 4, 2024

Seems it still happens. A new user was created with verified e-mail.

Is this what you asked for?

{
  "name": "liquidbounce",
  "oAuthid": "6fdadadc46877989fdcd1ee8b0e0a90149703b9ce74ecbfa23d2e86bd8c61d0a",
  "handle": "1zuna",
  "email": "[email protected]",
  "email_verified": true
}

Also checked what the function returns:
After UidByEmail: null

Seems there is something wrong with user.getUidByEmail(payload.email) instead.

@julianlam
Copy link
Member

Hmm. How was the original account verified? Can you try manually verifying it again via the ACP?

Then perhaps the function will return properly

@1zun4
Copy link
Author

1zun4 commented Aug 4, 2024

I manually re-verified the original account through the ACP and it suddenly worked. I came across this thread https://community.nodebb.org/topic/10355/user-getuidbyemail-cannot-find-email/5 and it is likely that I am somehow missing the email:uid entry but still be verified?

The problem with this is that I need to fix this for 10k users, do you have any idea how to do this easily?

@julianlam
Copy link
Member

It happens on old forums where the email verification was just a simple flag in the user hash. That system was updated but perhaps the existing values were left as-is.

Might need a one-off script to update the email:uid hash, I can cobble one together for you Monday.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@julianlam @1zun4