PowAssent.Plug.create_session() is called twice every sign in

[mplatts]

Looking in PowAssent.Plug:

def callback_upsert(conn, provider, params, redirect_uri) do
    conn
    |> callback(provider, params, redirect_uri)
    |> handle_callback()
    |> maybe_authenticate()
    |> maybe_upsert_user_identity()
    |> maybe_create_user()
    |> case do
      %{private: %{pow_assent_callback_state: {:ok, _method}}} = conn ->
        {:ok, conn}

      conn ->
        {:error, conn}
    end
  end

When I sign in with Facebook, both maybe_authenticate() and maybe_upsert_user_identity() call create_session(), so it runs twice.

This means any callbacks I've added also get run twice every time someone logs in with Facebook:

defp pow_assent_persistent_session(conn, _opts) do
  PowAssent.Plug.put_create_session_callback(conn, fn conn, provider, _config ->
    PowPersistentSession.Plug.create(conn, Pow.Plug.current_user(conn)) # <-- runs twice!
  end)
end

[danschultzer]

It shouldn't run twice since if one succeeds and a user gets assigned, the other will just continue without attempting any operation: https://github.com/pow-auth/pow_assent/blob/v0.4.11/lib/pow_assent/plug.ex#L122-L190

The pow_assent_persistent_session plug function will only be called once when the pipeline runs. Am I missing something?