Hi, I have a few question (problem) with social and external logins.
Assume this scenario: Allow users to register to the system is disabled, external logins will does not work and users are receiving: Self user registration is disabled. Please contact the system administrator to register. error.
Assume this scenario: Allow users to register to the system is enabled, I register a user with her/his Gmail via admin panel (Or user registered himself via normal registration form), then if user try to login with external logins (Google) will receive following error: Email '[email protected]' is already taken.
Generally sites allows this kind of scenarios. It should not matter how user has been registered.
One more thing according to Google Docs after user signed in via Google OAuth developer should Verify the integrity of the ID token. I couldn't find any code doing this. Can you also guide me about this part?
thanks