local-it/mitgliederverwaltung
2
3
Fork 0
Code Issues 51 Pull requests 13 Projects 1 Releases Packages 1 Activity Actions

[FEATURE]: Ensure correct handling of Password login vs oidc login #171

New issue
Closed
opened 2025-09-26 13:40:23 +02:00 by simon · 0 comments
simon commented 2025-09-26 13:40:23 +02:00
Owner
Copy link

Description

I want to make sure, that password login and oidc login work as expected.
additional to the users ID, for authentication we also have an email id or an oidc id, respective of the authentication method used.

If a login via OIDC matches an oidc_id

  • update user.mail, if it differs
    • should also trigger member.mail change

If a login via OIDC doesn't match an oidc_id

  • if a user with the same user.mail exists, ask for password and set oidc_id for user
  • if no matching mail exists, create a new user from oidc-details

Acceptance criteria

  • a test ensures that if logged in via password, the users identifier is the user.email
  • ensure (and test!) the described oidc flows work

External or internal Dependencies

## Description I want to make sure, that password login and oidc login work as expected. additional to the users ID, for authentication we also have an email id or an oidc id, respective of the authentication method used. If a login via OIDC matches an oidc_id - update user.mail, if it differs - should also trigger member.mail change If a login via OIDC doesn't match an oidc_id - if a user with the same user.mail exists, ask for password and set oidc_id for user - if no matching mail exists, create a new user from oidc-details ## Acceptance criteria - [x] a test ensures that if logged in via password, the users identifier is the user.email - [x] ensure (and test!) the described oidc flows work ## External or internal Dependencies <!-- List any dependencies --->
simon added this to the Accounts & Logins milestone 2025-09-26 13:40:23 +02:00
simon added the
M
 label 2025-09-26 13:40:23 +02:00
simon added this to the Sprint 6 - 11.09 - 02.10. project 2025-09-26 13:40:24 +02:00
simon removed this from the Sprint 6 - 11.09 - 02.10. project 2025-10-02 12:38:57 +02:00
moritz added this to the Sprint 8 - 23.10 - 20.11 project 2025-10-23 13:21:03 +02:00
moritz added
S
 and removed
M
 labels 2025-10-23 13:21:12 +02:00
moritz self-assigned this 2025-11-05 18:26:38 +01:00
moritz added
M
 and removed
S
 labels 2025-11-05 18:26:47 +01:00
Sign in to join this conversation.
main
Branches Tags
Clear current reference
main
renovate/mix-dependencies
renovate/renovate-renovate-42.x
perform-migration-on-startup
feature/196_search_custom_fields
feature/220_ui_issues_2
sidebar
renovate/major-postgres
feature/223_member_checkbox
renovate/major-mix-dependencies
renovate/postgres
renovate/ghcr.io-sebadob-rauthy-0.x
persist-sort-order
docs/210_payment-concept
feature/151_roles_permissions_docs
manual_renovate_update
feature/#158-polish-README
feature/128_playwright_a11y_test
feature/119_member_user_relation_refactor
feature/119_user_as_member
feature/backpex-migration
feature/backpex_translation
feature/39_account_ressource
feature/74_memberfields
validation
feature/36_add_primerlive
Clear current reference
No results found.
Labels
Clear labels   
bug

Something is not working

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
help wanted

Need some help

  
high priority

   
invalid

Something is wrong

  
L

5 h

  
low priority

   
M

3 h

  
medium priority

   
needs refinement

   
question

More information is needed

  
S

1 h

  
UX research

   
wontfix

This won't be fixed

No labels
bug
duplicate
enhancement
help wanted
high priority
invalid
L
low priority
M
medium priority
needs refinement
question
S
UX research
wontfix
Milestone
Clear milestone
No items
No milestone
Accounts & Logins
Projects
Clear projects
No items
No project
Sprint 8 - 23.10 - 20.11
Assignees
Clear assignees
No assignees
moritz
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: local-it/mitgliederverwaltung#171
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?