I wanted to fix the same issue… I didn’t fix it but at least I enjoyed reading this thread, very entertaining! auth0 is the winner here
Is there some way to connect two user records, I think that would solve a lot of this.
Once logged in you need 2 buttons - “connect another social media account with the same email” which seems to work, and “connect another social media account with the same email” .
2nd one would then create a dummy user account with the second email, and a built-in workflow that changes the current user to the 1st account when logging in with the second…
Seems like this could be done any number of times for an account, and as long as it must be done from inside the 1st account, It doesn’t seem like it would then be a security risk
Found this thread because I thought the Google login plugin was broken.
Turns out it’s working as designed. Seems it’s just designed poorly.
@DavidS says that a users who first logs in with an email cannot then login to their account using an OAuth provider linked to that same email because of security.
This doesn’t make sense to me. Bubble does not provide a single OAuth plugin. There’s one for Google, one for Facebook, etc. So just because there are a couple of fringe OAuth providers who don’t require email confirms, Bubble decided to cripple the OAuth plugins for those that do (e.g. Google and Facebook).
There are a few OAuth providers that account for 99% of OAuth logins. They all require email confirmations.
So, unless I’m missing something, this design decision isn’t increasing security, it’s just forcing shitty UX on end users and requiring lots of extra work for Bubblers to design and implement workarounds that even after all that effort only result in a slightly less shitty UX.
Please make the Google and Facebook plugins log users in who have previously used an email/pass to login when they use an OAuth login with the same email.
To address this issue, I’m trying to show the user a more helpful message that tells them “you signed up with [user’s sign up method]. To login you must use the same method. Once logged in, on your Account page, you can enable additional methods.”
I have a “sign up method” field on the user that’s populated when they sign up. And I’m trying to locate that field by extracting (i.e. finding and replacing the non-email message text) the user’s email from the error message.
But the do a search for user by email is returning no results.
The email’s hidden in red below appear to match. And they match a user in the database.
I don’t think it’s a privacy issue as Sign Up Method is a field anyone can view (and I don’t think email would need to be publicly viewable but for testing I temporarily made it so).
Perhaps it’s due to the line break in the error message circled in green in the screenshot above?
This is how the error message can be edited and how it appears by default
I tried editing the error message to be blank hoping that’d make it only return the email but when this is blank it returns the default error message anyway.
Any ideas as to how to make a customized error message that tells the user how they signed up work?