Why is there no signup function? #945
Replies: 12 comments 5 replies
-
I was going to ask the same question! |
Beta Was this translation helpful? Give feedback.
-
I would love to know the answer to this as well, but I don't think it's possible. The only way I know is the check the |
Beta Was this translation helpful? Give feedback.
-
This is exactly what I have been grappling with. I planned to use the email id as the user identifier, since I do persist session data in the database. But this will not work since Github and Facebook (the two providers I wanted in addition to Google) do not return the email id if the user does not allow it. While this is a brilliant library and simplified Google Auth tremendously, I am wondering about the feasibility of offering multiple OAuth providers for applications that need user identification. Or should it be assumed that OAuth works best only for applications that do not care to identify users across providers? @martinatwainobicom I am not sure about your question so this may not be answering it, but I'll state my understanding, just in case it helps. While it is the same signIn() function, the first time I call it without parameters and that redirects it to the default Login or Sign In page or the one configured in [...nextauth].js. That page reads the list of OAuth providers and display the buttons for each one. When anyone of the provider buttons is clicked the signIn function is called with the provider id as a parameter (and an optional callback for redirection) which triggers the actual authentication with the provider. |
Beta Was this translation helpful? Give feedback.
-
Would be nice to have a signUp function - or the ability to add it manually afterwards. |
Beta Was this translation helpful? Give feedback.
-
With at least the EmailProvider, I can do the following:
and
then in
However, that doesn't help me get the 'registration_data' into the database :( |
Beta Was this translation helpful? Give feedback.
-
I was going to ask the same question! I hope this feature is added soon. |
Beta Was this translation helpful? Give feedback.
-
The reason there is no signup function is because you don’t need it if your using google or another provider. What you do is when you get the success login result you do a query to your user api to see if they are saved into your database. I have since moved to use logto, which works as more traditional login but oAuth (self hosted)Sent from my iPhoneOn 19 Oct 2023, at 03:05, isaac sakyi ***@***.***> wrote:
I was going to ask the same question! I hope this feature is added soon.
—Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you commented.Message ID: ***@***.***>
|
Beta Was this translation helpful? Give feedback.
-
Often times I forget what method I used to sign up on a website and I try credentials, email with a password, try the sign in with Google button, try Sign in with Apple button, etc. This is one reason why the distinction between sign in and sign up is good and users shouldn’t be registered implicitly when they only intend to sign in, because their record wasn’t found. The implementation on most apps usually have them distinct and I’ve used a few that don’t and implicitly create a new user on sign in. Personal experience—it’s a bad UX. |
Beta Was this translation helpful? Give feedback.
-
I wrote an article on how to circumvent this downside that I think might help you separate sign-in intents from sign-ups. Here’s the link: https://www.calebpitan.com/blog/handling-oauth-2-sign-in-and-sign-up-distinctly-with-next-auth. I hope you find it helpful! |
Beta Was this translation helpful? Give feedback.
-
after 4 years of asking this question still there is no such a functiuon .... |
Beta Was this translation helpful? Give feedback.
-
where is the signup function? |
Beta Was this translation helpful? Give feedback.
-
As of my understanding, we want to sign up through Google, Facebook, or others but as we already signed up on Google, Facebook, or others there is no point in signing up again on our platform. As we're getting the user data from the provider then why we ask for it again? By using the providers we already know that the user is verified. So when user clicks on signin' that means we're assuming that the user is registered in our platform, if not we save the email and he becomes our registered user. If the email exists the user just enter into his account smoothly. By this method, we just eliminate the hassle of registering. |
Beta Was this translation helpful? Give feedback.
-
Hello,
first I would like to thank you very much for the time and effort you put into this project!
I am not very familiar with authentication and authorization processes so this might be one of the reasons why I struggle with this.
My current understanding is that NextAuth either logs in an existing user or signs up AND logs in a new user with the signin() function. This would mean that I can, at one point in time, signin with the Google Provider and if I forget about that later on, sign in with the Facebook provider. Since there is no automatic merging of these accounts for security reasons I would end up with two distinct users. However, the actual user (now logged in via Facebook) might wonder where all his data is gone. Is this assumption correct?
What I want to achieve is, having a User Login and a User Signup/Registration Page. Users should only be able to log in, if they have first signed up/registered previously. For both pages I would like to use Providers like GitHub for example.
Registration: Create a new user + account in the database AND log in the user.
Signin: Only existing users (in the database) are allowed to log in
In the signin callback I can check whether a user already exists in the database or not by checking for user.id and therefore allow signin or decline it. In the previous example this would mean that, when the user tries to sign in with the Facebook provider, he would get an error message because he has not registered before.
My first attemt was to call the signin function from the login and registration page.
However, I am not able to distinguish whether the Authentication Flow was started from the Registration or the Signin Page, because I call the same signin() function. Which brings me to the starting question, why is there no signup function? Or is there a way to distinguish between a registration flow and signin/login flow?
I haven't found any pointers about that in the documentation or in the issues lists (except for the user merging issues). So I kind of have the feeling that my mental model about how this should work is twisted.
I would really appreciate if you could bring some light into this.
Thank you!
Beta Was this translation helpful? Give feedback.
All reactions