fix: make user creation more robust

Reverse logic of CreateCanonicalLinkAndUserIfNotExist() to first check if the user exists,
then create the canonical link. This allows seamless re-creation of users through SSO after
they have been deleted from Jellyfin but not properly de-linked.

SSO-Auth/Api/SSOController.cs

@@ -624,6 +624,20 @@ public ActionResult Unregister(string username, [FromBody] string provider)
 
     private async Task<Guid> CreateCanonicalLinkAndUserIfNotExist(string mode, string provider, string canonicalName)
     {
+        User user = null;
+        user = _userManager.GetUserByName(canonicalName);
+        if (user == null)
+        {
+            _logger.LogInformation($"SSO user {canonicalName} doesn't exist, creating...");
+            user = await _userManager.CreateUserAsync(canonicalName).ConfigureAwait(false);
+            user.AuthenticationProviderId = GetType().FullName;
+
+            // Make sure there aren't any trailing existing links
+            var links = GetCanonicalLinks(mode, provider);
+            links.Remove(canonicalName);
+            UpdateCanonicalLinkConfig(links, mode, provider);
+        }
+
         Guid userId = Guid.Empty;
         try
         {
@@ -637,18 +651,7 @@ private async Task<Guid> CreateCanonicalLinkAndUserIfNotExist(string mode, strin
         if (userId == Guid.Empty)
         {
             _logger.LogInformation("SSO user link doesn't exist, creating...");
-            User user = null;
-            user = _userManager.GetUserByName(canonicalName);
-
-            if (user == null)
-            {
-                _logger.LogInformation($"SSO user {canonicalName} doesn't exist, creating...");
-                user = await _userManager.CreateUserAsync(canonicalName).ConfigureAwait(false);
-                user.AuthenticationProviderId = GetType().FullName;
-            }
-
             userId = user.Id;
-
             CreateCanonicalLink(mode, provider, userId, canonicalName);
         }