Hello 🙂
Is it possible to request password, or u...
# support-questionse
EdwinN1337
06/02/2022, 12:06 PMHello 🙂
Is it possible to request password, or use the email/password login, when initial registered with third party
I was checking https://github.com/supertokens/supertokens-auth-react/blob/master/examples/with-thirdpartyemailpassword-passwordless/api-server/accountLinkingMap.js
But this is not what we want.
Basically, what we want is a user that registered by third party, request/reset password and login by email
r
rp
06/02/2022, 12:19 PMhey @EdwinN1337
rp
06/02/2022, 12:20 PMIt is possible, but you will need to implement account linking as shown in the demo app above.
We are also working on the account linking feature so that so many customisations do not have to be made, but until then, you will have to do this yourself.
e
EdwinN1337
06/02/2022, 12:25 PMIt's not really linking, it's using multiple login options...
When registered with a thirdparty / the email is unique in our own database. So we wan't to give them the option to also login with email/password.
Since they havent filled in a password, they would request lost pass... But that doesnt work when registered as third party
r
rp
06/02/2022, 12:26 PMSo if you don't give them the option to login via email password, then why ask them to set a password?
e
EdwinN1337
06/02/2022, 12:26 PMWe are, giving the option 😉
EdwinN1337
06/02/2022, 12:27 PMthird party or email/password
r
rp
06/02/2022, 12:27 PMhmm. So if they login with email password later, then you need to resolve the same user ID correct?
e
EdwinN1337
06/02/2022, 12:27 PMcorrect
r
rp
06/02/2022, 12:27 PMthat is account linking.
rp
06/02/2022, 12:31 PMWhat I would recommend is to disallow a user to login via email password if they have logged in with third party. You can show them a message saying "email already exists" if they are trying to sign up with email password, and if they try to login, it will just tell them incorrect credentials. If they try and reset the password, you can show them an error saying to sign in via social login (since they did that before)
rp
06/02/2022, 12:32 PMthe only other way is to implement account linking, which can be quite complex and have lots of security issues if not done correctly.
e
EdwinN1337
06/02/2022, 12:34 PMRight! Guess we will go for that
EdwinN1337
06/02/2022, 12:34 PMIt has alot of edge cases havent thought of
EdwinN1337
06/02/2022, 12:35 PMthanks!
EdwinN1337
06/02/2022, 12:35 PMAlso easier to implement
r
rp
06/02/2022, 12:35 PMYup! Please feel free to ask questions if you are stuck on how to go about doing the customisations.
e
EdwinN1337
06/02/2022, 12:35 PMWill do! 👍
EdwinN1337
06/02/2022, 12:52 PM Copy code
js
generatePasswordResetTokenPOST: async (input) => {
const response = await oI.generatePasswordResetTokenPOST(input)
return response
},status: 'OK'EdwinN1337
06/02/2022, 12:52 PMwhen calling
/api/auth/user/password/reset/tokenr
rp
06/02/2022, 1:13 PMYou can throw an error from this API, and it will show up in your app's error handler. Then you can send any message to the frontend.
2 Views