|
|
|
|
|
|
by jimeuxx
4630 days ago
|
|
|
I was surprised account duplication wasn't mentioned as a disadvantage. If a user taps the wrong button on their tablet, then they can end up with one or more duplicate accounts if the e-mails are different. I currently have an e-mail confirmation screen that makes it clear a new account is about to be created. I seem to remember Stack Overflow getting me to click a button too. It adds no real burden to new (non-Twitter) users. I'm still wondering about the best way to handle this in Rails though. Passing the OAuth hash data through a second request to confirm the e-mail doesn't feel quite right to me, even if I make an OAuth service object to clean up the code and some policies to standardise the hash. |
|
|
We do have bizarre situations like people logging in using Twitter or Yahoo accounts bound to GMail, but they are rarely an issue. It's more frequent the case where a user is trying to open their account page using the wrong GMail account.
Anyway, our plan is to detect multiple accounts with the same e-mail address and offer the user to merge them, but we are not sure about how to do this since e-mail addresses are not immutable.