AeThex-Corporation/aethex-forge
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
aethex-forge/docs/DISCORD-OAUTH-NO-AUTO-CREATE.md
Builder.io b641d40a55 Prettier format pending files
2025-11-10 22:23:56 +00:00

105 lines
3.6 KiB
Markdown
Raw Blame History

# Discord OAuth Login Fix - Account Auto-Creation Removed
## Problem
When logging in via Discord OAuth with an email that doesn't match any existing AeThex account, the system was automatically creating a brand new account.
**Example**:
- You have an AeThex account: `mrpiglr@gmail.com`
- Your Discord email: `someone@discord-email.com`
- **Before**: Clicking "Continue with Discord" created a NEW account with `someone@discord-email.com`
- **Result**: You had two accounts and couldn't access your original account
## Solution
Discord OAuth login now requires an exact email match. If the Discord email doesn't match an existing account:
1. User is redirected to `/login` with error message
2. Error message: "Discord email (xxx@example.com) not found. Please sign in with your email account first, then link Discord from settings."
3. User signs in with their email (e.g., `mrpiglr@gmail.com`)
4. User goes to Dashboard → Connections → Link Discord
5. Discord is now linked to the existing account
## Changed Files
- `code/api/discord/oauth/callback.ts`: Removed auto-account-creation logic
- No longer creates new auth users
- No longer creates new user profiles
- Only links Discord if email matches existing account
- Redirects to login if no email match
## New User Flow
Users with NO existing AeThex account:
1. Click "Continue with Discord" on `/login`
2. Authorize Discord
3. If Discord email matches an existing account → Linked + logged in ✅
4. If Discord email is NEW → Redirected to `/login` with error ⚠️
- They must create account via Email/Password OR continue with GitHub/Google (if available)
- Then they can link Discord from Dashboard
## For You Specifically
Your situation:
1. ✅ You have AeThex account: `mrpiglr@gmail.com`
2. ✅ Your Discord email is different
3. **New behavior**: Clicking "Continue with Discord" now shows error
4. **What to do**:
- Go to `/login` and sign in with `mrpiglr@gmail.com` password
- Go to `/dashboard?tab=connections`
- Click "Link Discord"
- Authorize Discord
- ✅ Discord is now linked to `mrpiglr@gmail.com` account
## Testing
### Test Case 1: Existing User, Matching Email
```
1. Create account with Discord email: person@example.com
2. Logout
3. Click "Continue with Discord"
4. Should login to existing account (not create new)
✅ Success: Only one account
```
### Test Case 2: Existing User, Different Email
```
1. Create account: mrpiglr@gmail.com (email/password)
2. Discord email: something_else@example.com
3. Click "Continue with Discord"
4. Should see error: "Discord email not found"
5. Sign in with mrpiglr@gmail.com
6. Go to Dashboard → Link Discord
✅ Success: Discord linked to correct account
```
### Test Case 3: New User, No Existing Account
```
1. Click "Continue with Discord" (no account exists)
2. Discord email: new_user@example.com
3. Should see error: "Discord email not found"
4. User must sign up with email/password or other OAuth first
✅ Success: No auto-created account with mismatched email
```
## Why This Change?
- **Prevents account duplication**: No more accidentally creating second accounts
- **User confusion prevented**: Users see clear error message explaining what to do
- **Email consistency**: Each AeThex account now has one email, reducing support issues
- **Better linking experience**: Forces intentional linking, not accidental account creation
## Rollback (if needed)
If this change causes issues, the old behavior can be restored by:
1. Uncommenting the account creation logic in `code/api/discord/oauth/callback.ts`
2. Using the `isNewUser` flag to redirect to onboarding for new accounts
However, this will re-introduce the original problem.
Reference in a new issue View git blame Copy permalink