docs(auth): align duplicate-email and connect conflict docs#1588
Merged
tyler-dane merged 2 commits intomainfrom Mar 30, 2026
Merged
docs(auth): align duplicate-email and connect conflict docs#1588tyler-dane merged 2 commits intomainfrom
tyler-dane merged 2 commits intomainfrom
Conversation
Co-authored-by: Tyler Dane <tyler-dane@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
fix: 409 for duplicate email connections.Docs updated
docs/features/password-auth-flow.mdgoogle.googleIdfirst, normalized email fallback) and session remap behavior.codefields in conflict examples and includedGOOGLE_CONNECT_EMAIL_MISMATCHcontract.docs/backend/api-documentation.md/api/auth/google/connectconflict contract for email mismatch (GOOGLE_CONNECT_EMAIL_MISMATCH) alongside existing ownership conflict.docs/manual-testing/auth-testing.mdcode: "GOOGLE_ACCOUNT_ALREADY_CONNECTED"in connect-conflict scenario.Codepaths covered
packages/backend/src/user/queries/user.queries.tspackages/backend/src/user/services/user.service.tspackages/backend/src/auth/services/google/util/google.auth.util.tspackages/backend/src/common/middleware/supertokens.middleware.handlers.tspackages/backend/src/auth/services/google/google.auth.service.tspackages/backend/src/common/errors/auth/auth.errors.tspackages/backend/src/common/errors/handlers/error.handler.tspackages/core/src/types/auth.types.tspackages/web/src/common/apis/compass.api.util.tspackages/web/src/auth/hooks/google/useConnectGoogle/useConnectGoogle.tsKnowledge gaps addressed
409error contracts explicit in runbooks and API docs.Note
Low Risk
Low risk because this PR only updates documentation and manual test guidance; no runtime behavior is changed. The main risk is client/test confusion if these contracts diverge from the implemented backend behavior.
Overview
Updates auth docs to align with current duplicate-email and Google connect conflict behavior.
Documents machine-readable
409contracts forPOST /api/auth/google/connect, including explicitcodefields for ownership conflicts (GOOGLE_ACCOUNT_ALREADY_CONNECTED) and email-mismatch conflicts (GOOGLE_CONNECT_EMAIL_MISMATCH), and clarifies canonical user resolution/session-remap semantics (Google ID first, normalized-email fallback). Manual testing runbook is updated to assert the conflictcodeand removes outdated caveats about same-email logged-out flows.Written by Cursor Bugbot for commit f951a89. This will update automatically on new commits. Configure here.