How to correctly save a user authenticated through google?

L

lssssssssssl2021-10-11 20:13:20

Web development

lssssssssssl, 2021-10-11 20:13:20

For example, I already have a banal password and email authentication - I store the email and password in the database.
What if the user logs in via Google using an email that is already in the database and has been saved with a password? And also what to do when this situation happens in the opposite direction - the user creates an account on the mail, which is already authorized through Google.

And what is the right way to store it all? For example, a banal registration will have email and password fields and authentication will occur through them, while Google authentication does not have a password. Make database password optional?

To summarize: How to properly store users after regular registration (By email password) and users with Google authentication?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

N

no_one_safe, 2021-10-12
@lsssssssssl

Do not allow such users to log in in both cases. It is necessary to issue a message, "the user with this email is already registered", offer to first enter the site (in the way that was originally chosen), and only then from the personal account offer to either link your account with Google, or, in the opposite case, enter a password for authorization.