Skip to content

fix: address OAuth review feedback and remove legacy OAuth fields#218

Open
pari-28 wants to merge 1 commit into
roshankumar0036singh:mainfrom
pari-28:feature-oauth-provider-token-verification
Open

fix: address OAuth review feedback and remove legacy OAuth fields#218
pari-28 wants to merge 1 commit into
roshankumar0036singh:mainfrom
pari-28:feature-oauth-provider-token-verification

Conversation

@pari-28

@pari-28 pari-28 commented Jun 22, 2026

Copy link
Copy Markdown

Summary

This follow-up PR addresses the review feedback from #202.

Changes

  • Removed the insecure provider-linking flow that allowed claiming OAuth identities without verification.
  • Prevented account lockout scenarios caused by unlinking the last login method.
  • Removed legacy OAuthProvider and OAuthID fields to eliminate duplicate sources of truth.
  • Fixed ignored errors in OAuth account update flows.
  • Improved transaction safety around OAuth account creation.
  • Updated tests accordingly.

Verification

  • go build ./...
  • go test ./...

All tests are passing.

Related to #202.

Summary by CodeRabbit

  • Refactor

    • Simplified user authentication model by removing OAuth provider tracking.
    • Updated account linking logic to streamline OAuth integration handling.
  • Tests

    • Updated authentication tests to reflect simplified user model structure.

@coderabbitai

coderabbitai Bot commented Jun 22, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

Note

Currently processing new changes in this PR. This may take a few minutes, please wait...

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: f267c047-b262-47fa-9ebd-1d4bc208d7bc

📥 Commits

Reviewing files that changed from the base of the PR and between d61168a and 0278a4f.

📒 Files selected for processing (3)
  • internal/handler/oauth_handler_test.go
  • internal/models/user.go
  • internal/service/auth_service.go
 _________________________________________
< Here's Johnny! Ready to axe those bugs. >
 -----------------------------------------
  \
   \   \
        \ /\
        ( )
      .( o ).
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@sonarqubecloud

Copy link
Copy Markdown

@pari-28

pari-28 commented Jun 22, 2026

Copy link
Copy Markdown
Author

Summary

This follow-up PR addresses the review feedback from #202.

Changes

  • Removed the insecure provider-linking flow that allowed claiming OAuth identities without verification.
  • Prevented account lockout scenarios caused by unlinking the last login method.
  • Removed legacy OAuthProvider and OAuthID fields to eliminate duplicate sources of truth.
  • Fixed ignored errors in OAuth account update flows.
  • Improved transaction safety around OAuth account creation.
  • Updated tests accordingly.

Verification

  • go build ./...
  • go test ./...

All tests are passing.

Related to #202.

Summary by CodeRabbit

  • Refactor

    • Simplified user authentication model by removing OAuth provider tracking.
    • Updated account linking logic to streamline OAuth integration handling.
  • Tests

    • Updated authentication tests to reflect simplified user model structure.

@pari-28 pari-28 closed this Jun 22, 2026
@github-actions github-actions Bot locked and limited conversation to collaborators Jun 22, 2026
@pari-28 pari-28 reopened this Jun 22, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant