Comments (5)
The package itself shouldn't be creating a duplicate entry... Are you perhaps saving the persons email and have your email column set with a unique constraint?
There's no good way to detect when someone logs in with one provider, then later with another. Trying to do it based on e-mail address is a big security vulnerability. See this issue for more details: #19
from eloquent-oauth.
That makes sense. How would I give the user an alert saying "you've signed up with another provider" then?
from eloquent-oauth.
If you really wanted to do that I would use the callback on OAuth::login()
to check if the email is already assigned to another user and throw your own exception that you can catch in the controller and handle however you want.
The reality is though that no one really deals with that problem. With some providers, you'd have no way of telling anyways. For example, the Instagram API does not let you retrieve the user's email address at all, so you have no way of knowing. If you test what you're talking about with a variety of popular sites that support social login, I think you'll find they all just create multiple accounts for you and make no effort to reconcile them.
This is actually a common complaint of sites that support multiple social logins in general :/ It's definitely a trade-off between the convenience of providing multiple login options vs. the risk of the user forgetting which one they chose.
I'm planning to split this package up in the future so that there's one main repo for the bulk of the package logic, and each actual provider is in it's own repo, and you can mix and match the actual ones you need, which I think will help encourage more careful selection of which providers you actually want to support for your application. Similar to how Flysystem is broken up for example.
from eloquent-oauth.
All right. Great.
Thanks for the help. And thanks for the great package. I was up and running literally in an hour with only this one question.
from eloquent-oauth.
No problem happy to help and glad you like the package! π Definitely let me know how it works out for you, would love to improve it however I can based on your feedback.
from eloquent-oauth.
Related Issues (20)
- Not catching ApplicationRejectedException when user reject facebook login HOT 3
- Add provider - Stripe [Request]
- Seems to be incompatible with Laravel 5.1 HOT 1
- Support passing custom data into the `state` param
- Provider Request: Reddit (code provided) HOT 7
- Class 'OAuth' not found HOT 2
- Add documentation for "Designing your users table"
- Rename OAuth facade HOT 2
- Support for twitter? HOT 3
- Request FACEBOOK basic data (gender, user_friends) HOT 1
- Office365 HOT 1
- Adding a 'remember' parameter to login() method HOT 1
- Retrieving The Authenticated User HOT 2
- Merging Accounts HOT 2
- Log in by access token HOT 2
- Using Google Oauth behind proxy
- Authorize more than one provider for one user HOT 1
- Running something on register HOT 1
- ΒΏIs There a way to auth sending email and password to Facebook or google?
- 'No query results for model [App\User].' HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from eloquent-oauth.