You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I’m using auth.js (next-auth v5) and encountered a situation where the following error is triggered:
OAuthAccountNotLinked: Another account already exists with the same e-mail address.
This happens when attempting to log in with an OAuth provider while the email already exists in the database.
I want to display a custom error page that shows which email address is causing the issue (e.g., “The email address [email protected] is already linked to another account”).
The reason for displaying the email address is to provide clarity to users. For example, users often have multiple email accounts and may not remember which one they used to sign up. By showing the conflicting email address, they can take appropriate action, such as logging in with the correct method or resetting their password.
Challenges
While creating a custom error page, I found that I can only determine the type of error through the error query parameter. However, there’s no way to access the email address directly from the error page.
Looking into the codebase, specifically in @auth/core/src/index.ts, it seems like when an AuthInternal process fails due to an OAuthAccountNotLinked error, the error type is appended to the query parameters for redirection. Would it be feasible to also include the error message and email address in the query parameters?
Sourcecode: Catch OAuthAccountNotLinked error and redirect to error page
// core/src/index.ts L163try{constinternalResponse=awaitAuthInternal(internalRequest,config)if(isRaw)returninternalResponseconstresponse=toResponse(internalResponse)consturl=response.headers.get("Location")if(!isRedirect||!url)returnresponsereturnResponse.json({ url },{headers: response.headers})}catch(e){consterror=easErrorlogger.error(error)constisAuthError=errorinstanceofAuthErrorif(isAuthError&&isRaw&&!isRedirect)throwerror// If the CSRF check failed for POST/session, return a 400 status code.// We should not redirect to a page as this is an API routeif(request.method==="POST"&&internalRequest.action==="session")returnResponse.json(null,{status: 400})constisClientSafeErrorType=isClientError(error)consttype=isClientSafeErrorType ? error.type : "Configuration"constparams=newURLSearchParams({error: type})if(errorinstanceofCredentialsSignin)params.set("code",error.code)constpageKind=(isAuthError&&error.kind)||"error"constpagePath=config.pages?.[pageKind]??`${config.basePath}/${pageKind.toLowerCase()}`consturl=`${internalRequest.url.origin}${pagePath}?${params}`// <-- Hereif(isRedirect)returnResponse.json({ url })returnResponse.redirect(url)}}
Alternatively, I’m considering using the signIn callback in auth.ts to intercept the email address during the login attempt. I could then query the database for the email and providerAccountId to manually check for duplicates. If a conflict is detected, I could redirect users to a custom error page with the relevant information included in the query parameters. (I haven’t tested this approach yet.)
However, I would prefer not to use the signIn callback for this purpose. The main reason is that auth.js already has internal logic for checking if an email is linked to another account, and duplicating this logic in the signIn callback feels redundant and overly complicated. It seems inelegant to replicate logic that is already handled within auth.js itself.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hi everyone,
I’m using auth.js (next-auth v5) and encountered a situation where the following error is triggered:
This happens when attempting to log in with an OAuth provider while the email already exists in the database.
I want to display a custom error page that shows which email address is causing the issue (e.g., “The email address [email protected] is already linked to another account”).
The reason for displaying the email address is to provide clarity to users. For example, users often have multiple email accounts and may not remember which one they used to sign up. By showing the conflicting email address, they can take appropriate action, such as logging in with the correct method or resetting their password.
Challenges
While creating a custom error page, I found that I can only determine the type of error through the error query parameter. However, there’s no way to access the email address directly from the error page.
Looking into the codebase, specifically in @auth/core/src/index.ts, it seems like when an AuthInternal process fails due to an OAuthAccountNotLinked error, the error type is appended to the query parameters for redirection. Would it be feasible to also include the error message and email address in the query parameters?
Sourcecode: Catch OAuthAccountNotLinked error and redirect to error page
Alternatively, I’m considering using the signIn callback in auth.ts to intercept the email address during the login attempt. I could then query the database for the email and providerAccountId to manually check for duplicates. If a conflict is detected, I could redirect users to a custom error page with the relevant information included in the query parameters. (I haven’t tested this approach yet.)
However, I would prefer not to use the signIn callback for this purpose. The main reason is that auth.js already has internal logic for checking if an email is linked to another account, and duplicating this logic in the signIn callback feels redundant and overly complicated. It seems inelegant to replicate logic that is already handled within auth.js itself.
Psudocode: signin callback
Questions
Any advice or insights would be greatly appreciated.
Thank you!
Beta Was this translation helpful? Give feedback.
All reactions