You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I just discovered a bug in the external login callback when the user has configured 2FA or has been locked out. In those cases, the ExternalLoginCallback assumes that the user does not exist, so it tries to create the user again (and it fails because the email is already taken).
The same code in the Login method that redirects to LoginWith2FA or to Lockout should be used in the ExternalLoginCallback method too in case the external sign in fails.
The text was updated successfully, but these errors were encountered:
Yes, just copying the lines of code I referred to above, but probably a better approach would be to refactor a bit the methods so that there is no duplication and maybe add some unit tests.
Now I have only the time for the dirty fix, that's why I didn't open a PR for this one.
I just discovered a bug in the external login callback when the user has configured 2FA or has been locked out. In those cases, the ExternalLoginCallback assumes that the user does not exist, so it tries to create the user again (and it fails because the email is already taken).
The same code in the Login method that redirects to LoginWith2FA or to Lockout should be used in the ExternalLoginCallback method too in case the external sign in fails.
The text was updated successfully, but these errors were encountered: