I’m having a hard time linking the account of an already created user created via invite to Google Oauth.
As the user, ISBAT accept an invite from my teammate and log in to the application via email/password or Google Sign in (or at least eventually link my email/password and google account).
If the user is currently logged in with email and password, you can prompt them to link their account with an Oauth provider (such as Facebook, Google…). If a user goes through such a flow, a new user will not be created, but, instead, the Oauth credentials will be added to the current, logged-in user. After this flow completes, the user will be able to login either with his email/password, or via an Oauth flow. If another user exists in the database with the email provided by the external service, the action will fail and a message will be shown to the user.
This may just be a silly question, but how would you have the user go through this flow? Right now I have the following:
A user is logged in using their email + temp password from their invitation
Within their account page, there’s a button I created that says “link my google account”
In the workflow when they click that button, they’re signed in with a social network (Google)
However, once I go to test if the link was created by logging out and then attempting to sign in with Google, I get the error of “email address already in use”.
Is it as simple as I can’t create a user with an email/password and them allow them to sync up their Google account if their google account is that same email address?
If the user is currently logged in with email and password, you can prompt them to link their account with an Oauth provider (such as Facebook, Google…). If a user goes through such a flow, a new user will not be created, but, instead, the Oauth credentials will be added to the current, logged-in user. After this flow completes, the user will be able to login either with his email/password, or via an Oauth flow. If another user exists in the database with the email provided by the external service, the action will fail and a message will be shown to the user.
If the user isn’t logged in when he goes through an Oauth flow, a new user will be created, except if a user with the same email (the email registered with Facebook) already exists in the app’s database. In such a case, the workflow will fail and a message will be shown to the user.
If a user has signed up with an external service and wishes to add a password to his account, he can do this by going through a ‘reset the user’s password’ action. This will effectively modify the user that was authenticating only with Oauth credentials and will the email and password values to the user object.
My understanding after reading that is the Google account should link to the existing account that was created with email/password. Are the two email addresses the same? It seems like you might be falling under the error case described in item 1.
This is correct. If the user is logged in, all you have to do to connect a new login type is have the user log in with that scheme. Viola, connected accounts! I’m currently implementing that and can vouch for this being true. The trick is the interface for it.
(Typically, login stuff is relegated to Header-land. This creates some issues when u wanna throw up a login on the fly.)
I just realized I quoted the same part of the manual you did, @corinn.pope! You actually were the second person I was responding to regarding this account linking thing today. Sorry for the redundant info.
Just be aware of the potential issue with account linking…
If you link a social signon to one particular Bubble user and then you create another bubble user with a different email - if you then will have your signed up user switched from the second to the first.
Well, I was trying to just cram it into my header (like, you log in and instead of [SIGN UP] [LOG IN] you get [ADD LOGIN] [LOG OUT] ) but it became problematic in terms of real estate on mobile as I have other things up there too.
As far as interface for ADD a login:
My signup and login dialog is based on the one that Bubble includes in their wizard template. It switches between a “login” and “signup” mode using a custom state “mode” that you just update to change its look/behavior.
Since ADD is just a variation on Log In mode (you’re just telling the Logged In user, “Hey, log in with the other method and BOOM, you got it.”), I added a “sub mode” state for adding, which mildly rejiggers the dialog’s login mode.
It all works fine, but I’ve not yet found quite the right place to trigger throwing up the login dialog is all.
If I had a live URL showing what the login pop up looks like in “add” mode, I’d share it here, but at the moment there’s no place where I trigger it.
But basically it looks like Log In mode where the text just changes to “To Add a Log In Type, Log In with…”
If the user ALREADY has email/password login (the expression is “Current User uses password”) I make it so they can’t click the password reset.
Basically that’s all u need to do. Here’s my usual Log In dialog:
But Billy shouldn’t have access to Amy’s FB or Google or any other oAuth credentials, so yeah this is not a likely scenario.
(I get where you’re coming from though: This is actually rather easy to do if you’re the developer and using things like Facebook test users to debug/test your login flow.
Aside: The random Facebook test user names are one of my favorite things on the Interweb. E.g., “Daniel Albhaebedjeac Dingleberg”… now that’s a name!)
We want to direct all of our users to our new SSO interface that is not within our Bubble app because it is our SSO interface for several other apps and services. Also, considering the docs note that “the Oauth credentials will be added to the current, logged-in user” (Found here: https://manual.bubble.is/working-with-data/the-user-type.html#using-external-services-to-authenticate). Is there any way that we can determine when a user has already had the OAuth credentials added to their user record? We expose a Bubble API that might be of some help, but I have not found anything in the Users table or other tables that hints that a user has already had OAuth credentials added to their record.
