i think the only thing you’d need to do is delete their access token and refresh token.
then the user would have to reauthenticate to get a new token that you then save to the db.
when you do the dance yourself, you can delete those values easily because you also had to save them manually. this means you know where they’re kept and can wipe them out.
the connection is then severed in that sense but can easily be re-added by the user through reauthentication with that o-auth provider
It sounds like you mistakenly think I am asking for help. I appreciate your kindness and attempt to helps, but that isn’t what I am seeking.
I am validating the issue brought up by the initial poster stating that the way bubble handles oauth is indeed an issue and that the solutions suggested do not resolve that issue.
It is a plea to any bubble employee reading this to give bubble builders more control over how we manage and serve user access_tokens and refresh_tokens.
Still no native way to do this in bubble to my understanding, (Pathfix is probably the best way), however I wanted to add that I recently discovered Bubble has actually built this feature for themselves:
Bumping this again. Let’s put this scenario out there…
We have a User who logs in normally with email and password. They then logout, and another person (let’s say their brother) who is using the same computer decides to go to the same bubble app because they thought it looked cool and want to see it for themselves. When this new User goes to log in, they decide it would be easier to login with google. So they do that.
This may not seem like a problem, but now because of the way bubble has things set up, both Users have the same account. One can login with the email, and the other with their google account. I am not sure how this wouldn’t be considered an issue for people here?
In this same scenario, let’s say at a highschool now. It would be even more of a problem of course because the two Users may not even know each other.