Adds forms for adding additional auth methods (Sign in with worldcoin / Email) directly from the logged in user UI.
Logic:
Once the user logs in with the one of auth methods, there will be an option on /profile page to add alternative method. Adding a method simply adds email/world_id_nullifier to the user's row in a Hasura user table.
On the next login (in /login-callback) we will check if the Hasura user has both email and world_id_nullifier we will try to fetch users from the auth0 database using auth0 management API. And in case we have found two accounts (1: email|<id>, 2:oauth2|worldcoin|<hash>) we can link them using the auth0Id field from the Hasura user table to define the primary account. After linking accounts primary auth0 account will stay, and the second one will be removed from the users list and added as identity to the primary account.
NOTE:
This PR is not fully solves the issue, but it will be still an improvement, as I can see it.
To make this work we will need to add some additional flow that will inform the user that it's worth connecting both auth methods, I think.
Also not fully clear what we should do in case if some of users actively using both auth method with different accounts right now.
‼️ Not fully tested
I didn't succeed in making sign in with worldcoin method working locally.
It fails here. I've decided not to spend much time on it and finish PR first.
Adding sign in with worldcoin
https://github.com/worldcoin/developer-portal/assets/89008845/83a47013-85c2-4d80-9bd5-3c76276a835e
Adding Email
https://github.com/worldcoin/developer-portal/assets/89008845/750f5b5d-ef83-4c56-a393-631d93f7885e
This PR:
Logic: Once the user logs in with the one of auth methods, there will be an option on
/profile
page to add alternative method. Adding a method simply addsemail
/world_id_nullifier
to the user's row in a Hasura user table.On the next login (in
/login-callback)
we will check if the Hasura user has bothemail
andworld_id_nullifier
we will try to fetch users from theauth0
database using auth0 management API. And in case we have found two accounts (1:email|<id>
, 2:oauth2|worldcoin|<hash>
) we can link them using theauth0Id
field from the Hasurauser
table to define the primary account. After linking accounts primary auth0 account will stay, and the second one will be removed from the users list and added as identity to the primary account.NOTE:
This PR is not fully solves the issue, but it will be still an improvement, as I can see it.
‼️ Not fully tested
Adding sign in with worldcoin
https://github.com/worldcoin/developer-portal/assets/89008845/83a47013-85c2-4d80-9bd5-3c76276a835eAdding Email
https://github.com/worldcoin/developer-portal/assets/89008845/750f5b5d-ef83-4c56-a393-631d93f7885e