Skip to content

fix: allow existing users to sign in and link via oauth#158

Open
ligong wants to merge 2 commits into
UPDOT:mainfrom
ligong:fix/oauth-sign-in-existing-users
Open

fix: allow existing users to sign in and link via oauth#158
ligong wants to merge 2 commits into
UPDOT:mainfrom
ligong:fix/oauth-sign-in-existing-users

Conversation

@ligong

@ligong ligong commented Jun 7, 2026

Copy link
Copy Markdown

Purpose

This PR fixes a bug where existing users (e.g. registered via email/password) receive a `UserNotFoundAPIError` when trying to sign in using an OAuth provider (Google, GitHub, etc.) for the first time.

Problem

In _createUser (inside src/core/protocols/oauth/oauth_authentication.ts), if a user already exists, the function hits the
else block and returns null. Consequently, the calling function OAuthAuthentication treats this as a failed lookup and
returns UserNotFoundAPIError instead of auto-linking the new OAuth provider credentials (sub) to the existing user record.

Solution

Remove the else { return null } block from _createUser.
- If the user record exists, it is now correctly returned to the caller (OAuthAuthentication), allowing the provider
credentials to be linked and the user to log in successfully.
- If the user does not exist and allowOAuthAutoSignUp is false, userRecord remains null and is returned as null
(correctly rejecting sign-up).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant