Created
June 18, 2022 05:52
-
-
Save rishabhpoddar/0d8550f0ab7f9c5bf6daef601e8e08e6 to your computer and use it in GitHub Desktop.
Disable account linking in thirdpartyemailpassword
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
async function preventUserSignUpIfTheyAlreadyExist(email: string, thirdPartyId?: string) { | |
let existingUsers = await ThirdPartyEmailPassword.getUsersByEmail(email); | |
if (existingUsers.length > 0) { | |
let userHasInfoFromThisProvider = false; | |
if (thirdPartyId !== undefined) { | |
existingUsers.forEach(user => { | |
userHasInfoFromThisProvider = userHasInfoFromThisProvider || user.thirdParty?.id === thirdPartyId | |
}); | |
} else { | |
// this means they are trying to sign up with email / password | |
userHasInfoFromThisProvider = true; | |
} | |
if (!userHasInfoFromThisProvider) { | |
// this means that the user exists, but they used another method of sign up, so now this will be a sign up, which we should prevent; | |
throw new Error("Prevent sign up"); | |
} | |
} | |
} | |
ThirdPartyEmailPassword.init({ | |
override: { | |
functions: (oI) => { | |
return { | |
...oI, | |
thirdPartySignInUp: async function (input) { | |
let email = input.email.id; | |
await preventUserSignUpIfTheyAlreadyExist(email, input.thirdPartyId); | |
return oI.thirdPartySignInUp(input); | |
}, | |
emailPasswordSignUp: async function (input) { | |
let email = input.email; | |
await preventUserSignUpIfTheyAlreadyExist(email, undefined); | |
return oI.emailPasswordSignUp(input); | |
}, | |
} | |
}, | |
apis: (oI) => { | |
return { | |
...oI, | |
emailPasswordSignUpPOST: async function (input) { | |
try { | |
return await oI.emailPasswordSignUpPOST!(input); | |
} catch (err) { | |
if (err.message === "Prevent sign up") { | |
return { | |
status: "EMAIL_ALREADY_EXISTS_ERROR" | |
} | |
} | |
throw err; | |
} | |
}, | |
thirdPartySignInUpPOST: async function (input) { | |
try { | |
return await oI.thirdPartySignInUpPOST!(input); | |
} catch (err) { | |
if (err.message === "Prevent sign up") { | |
return { | |
status: "FIELD_ERROR", | |
error: "You already have an account using another login method. Please use that instead." | |
} | |
} | |
throw err; | |
} | |
} | |
} | |
} | |
} | |
}) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment