Closed dtamajon closed 2 years ago
zorn-v
commented
2 years ago We have created the 'allow_login_autoconnect' (Connect social logins to existing users automatically) property to enable this behavior.
Let me guess, this field is something like "email" or "login" ? No this is never will be done.
dtamajon
commented
2 years ago This is a feature that should be activated by the administrator, so is not a default functionality. In the same way you can avoid duplicated emails, we use email to attach social login users.
For us it is quite logical that if you login with GMail, then you are the owner of that email account. And of course, the feature must be enabled only if the site requires such users merge.
Which is the reason for which this never will be done?
zorn-v
commented
2 years ago This is a feature that should be activated by the administrator
Administrator is only human (after all :smile:), and may not realize what he is doing. Doing something like warning "THINK BEFORE DOING" - I do not want. Nobody read warnings.
zorn-v
commented
2 years ago If you really need this feature - fork app, and do what you want on your own risk. It is better that some "warnings"
Motivation
There are some installations in which, on activating the Social Login app, we want the existing users to be allowed to access using their social login, without any extra action from the users. In that case, when a login is done and an existing user is matched, its account should be linked to the new login service.
Solution
On matching an existing user after a new social login, if this feature is enabled, the existing user is updated with the social information.
We have created the 'allow_login_autoconnect' (Connect social logins to existing users automatically) property to enable this behavior.