Duplicate users after changing oidc provider #1596
Labels
No Label
dependencies
duplicate
help wanted
invalid
kind/bug
kind/feature
needs reproduction
question
security
wontfix
No Milestone
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: vikunja/vikunja#1596
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Description
I changed my Idp(OIDC), I use my account to login and I find I have a new accout although this two have the same username and email.
Vikunja Frontend Version
0.21
Vikunja API Version
0.21
Browser and version
No response
Can you reproduce the bug on the Vikunja demo site?
Yes
Screenshots
No response
Duplicate usersto Duplicate users after changing oidc providerThis is expected behavior. To Vikunja, an account from oidc is unique within a an (email/username, issuer) tuple where email / username are something unique the provider can come up with. Vikunja cannot know if your oidc provider changed it's issuer URL or you've used another provider. And it shouldn't, because otherwise you could hijack an account with the same email address from another provider.
Similar to vikunja/api#1589
But I think we should have a way to combine them(users).
And it shouldn't, because otherwise you could hijack an account with the same email address from another provider.
We might add a way to merge accounts from different providers in the future.
You might, but not everyone does.
Is there anyway I can merge them by modify database? I try to modify issuer but it doesn't work.
It should work if you remove the new user (id 10) and change the issuer, email address and username of the first (id 1) to that of the one you deleted