https://supertokens.com/ logo
Join Discord
Powered by
Hello 🙂 Is it possible to request password, or u...
# support-questions-legacy
e
Hello 🙂 Is it possible to request password, or use the email/password login, when initial registered with third party I was checking https://github.com/supertokens/supertokens-auth-react/blob/master/examples/with-thirdpartyemailpassword-passwordless/api-server/accountLinkingMap.js But this is not what we want. Basically, what we want is a user that registered by third party, request/reset password and login by email
r
hey @edwinn1337
It is possible, but you will need to implement account linking as shown in the demo app above. We are also working on the account linking feature so that so many customisations do not have to be made, but until then, you will have to do this yourself.
e
It's not really linking, it's using multiple login options... When registered with a thirdparty / the email is unique in our own database. So we wan't to give them the option to also login with email/password. Since they havent filled in a password, they would request lost pass... But that doesnt work when registered as third party
r
So if you don't give them the option to login via email password, then why ask them to set a password?
e
We are, giving the option 😉
third party or email/password
r
hmm. So if they login with email password later, then you need to resolve the same user ID correct?
e
correct
r
that is account linking.
What I would recommend is to disallow a user to login via email password if they have logged in with third party. You can show them a message saying "email already exists" if they are trying to sign up with email password, and if they try to login, it will just tell them incorrect credentials. If they try and reset the password, you can show them an error saying to sign in via social login (since they did that before)
the only other way is to implement account linking, which can be quite complex and have lots of security issues if not done correctly.
e
Right! Guess we will go for that
It has alot of edge cases havent thought of
thanks!
Also easier to implement
r
Yup! Please feel free to ask questions if you are stuck on how to go about doing the customisations.
e
Will do! 👍
Copy code
js
              generatePasswordResetTokenPOST: async (input) => {
                const response = await oI.generatePasswordResetTokenPOST(input)

                return response
              },
We can only return 
status: 'OK'
, which API should I override to provide extra feedback
when calling 
/api/auth/user/password/reset/token
, {`
r
You can throw an error from this API, and it will show up in your app's error handler. Then you can send any message to the frontend.
8 Views
PreviousNext
Powered by