You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
While implementing "sign in with" options for our application, I encountered an issue where, in scenarios where the OAuth2 OpenID verification method fails to return an email (e.g. OrcID), it becomes possible for this OAuth account to be linked to multiple user accounts. This situation leads to the accounts being saved in the database, which subsequently causes the server to return a 500 error upon future sign-ins due to the presence of two or more accounts associated with a single OAuth verification method.
To address this issue temporarily, I implemented a check to determine if the OAuth account already exists and prevent it from being linked to another user account on database level. However, I believe that handling this behavior should be a built-in feature of FastAPI-Users.
I'm open to the possibility that I might have overlooked existing solutions or misunderstood the framework's capabilities, so I welcome any feedback or suggestions.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hello,
While implementing "sign in with" options for our application, I encountered an issue where, in scenarios where the
OAuth2 OpenID
verification method fails to return an email (e.g.OrcID
), it becomes possible for thisOAuth
account to be linked to multipleuser
accounts. This situation leads to the accounts being saved in the database, which subsequently causes the server to return a 500 error upon future sign-ins due to the presence of two or more accounts associated with a single OAuth verification method.To address this issue temporarily, I implemented a check to determine if the OAuth account already exists and prevent it from being linked to another user account on database level. However, I believe that handling this behavior should be a built-in feature of FastAPI-Users.
I'm open to the possibility that I might have overlooked existing solutions or misunderstood the framework's capabilities, so I welcome any feedback or suggestions.
Best regards,
Dzima
Beta Was this translation helpful? Give feedback.
All reactions