Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OAuth Directus users pre-rc.99 cannot be logged in #9244

Closed
3 tasks done
casey-chow opened this issue Oct 29, 2021 · 2 comments
Closed
3 tasks done

OAuth Directus users pre-rc.99 cannot be logged in #9244

casey-chow opened this issue Oct 29, 2021 · 2 comments

Comments

@casey-chow
Copy link

Preflight Checklist

Describe the Bug

Once I upgraded to rc.100, I was no longer able to sign in to existing accounts that only had Google oAuth credentials. The only workaround I've found is to change the user's email, log in creating a new user (with public registration enabled), and then copy the external ID into the old user row in the database before deleting the new user.

To Reproduce

  1. From Directus pre-rc.99, create a user with valid Google credentials.
  2. Upgrade to rc.100.
  3. Attempt to log in with the same Google account.

Errors Shown

The app redirects to /admin/login?reason=UNKNOWN_EXCEPTION, and prior to that outputs the following error:

Error: Field "email" has to be unique.
    at UsersService.checkUniqueEmails (/app/node_modules/directus/dist/services/users.js:52:19)
    at processTicksAndRejections (internal/process/task_queues.js:95:5)
    at async UsersService.createMany (/app/node_modules/directus/dist/services/users.js:117:13)
    at async UsersService.createOne (/app/node_modules/directus/dist/services/users.js:107:24)
    at async OpenIDAuthDriver.getUserID (/app/node_modules/directus/dist/auth/drivers/openid.js:108:9)
    at async AuthenticationService.login (/app/node_modules/directus/dist/services/authentication.js:66:26)
    at async /app/node_modules/directus/dist/auth/drivers/openid.js:203:28

What version of Directus are you using?

v9.0.0-rc.100

What version of Node.js are you using?

14.13.1

What database are you using?

Postgres 13

What browser are you using?

Firefox

What operating system are you using?

macOS

How are you deploying Directus?

Heroku
@aidenfoxx
Copy link
Contributor

The jump to rc99 was a breaking change for the OAuth flow, I'm afraid. We added a field to users called provider which links users to certain auth flows. So your old users are now considered regular users, when you need them to be oauth users.

If you plan on using public registration you will run into this issue, since the login will try and create a new user with the same email address when it can't find an oauth user.

I assume you're using the openid driver? If that is the case you can:

  • Set AUTH_<your_google_provider>_IDENTIFIER_KEY="email"
  • Update all OAuth users in the database so that provider=<your_google_provider> and external_identifier=<users_email>

Then the openid driver should be able to find users by email and authenticate them.

Sorry about the additional trouble.

@casey-chow
Copy link
Author

casey-chow commented Nov 3, 2021
edited

No, thanks for the workaround!

For anyone who wants a copy-pastable solution (I used empty password to mean Google sign in, and my provider name is google):

update directus_users
set external_identifier = email, provider = 'google'
where password is null;

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Feb 3, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@casey-chow @aidenfoxx @rijkvanzanten