Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Bug: github auth users should not be able to change their email #1490

Closed
Assignees
Emyrkf0ssel
Labels
apiArea: HTTP APIsiteArea: frontend dashboard
@f0ssel

Description

@f0ssel

OS Information

Steps to Reproduce

  1. Login with Github
  2. Go to user preferences and update email to something garbage -canichangethis@coder.com
  3. Sign out
  4. Sign in with Github again - get error:
{"message":"create user: execute transaction: create user: pq: duplicate key value violates unique constraint \"idx_users_username\""}

Expected

If we allow email changes it should not lock the user out and break the user account.

Actual

The user is locked out and cannot log back in.

Logs

Screenshot

image

Notes

It seems like we need a good bit more guardrails and validation around this flow, we should not be able to collide on username or email when dealing with oauth.

Metadata

Metadata

Assignees

Labels

apiArea: HTTP APIsiteArea: frontend dashboard

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions

    [8]ページ先頭
    ©2009-2025 Movatter.jp