What are the implications of letting oauth2 users change their email addresses?

We are using oauth2 to keep user accounts synced to Fedora accounts. One user has noted that she does not want to interact with Discourse using that same email, for $REASONS. What are the implications of letting users change their address here? Will they still be able to log in the same way? Are there any gotchas I should look out for?


They can change their email address in Discourse and then add the oauth2 on their preferences page if they click the “Add alternate Email” link.

I just checked and doing a Google auth2 login with my secondary address logs me into this account.


Okay, thanks. We only want the oauth login… does this disrupt that in any way?

I’m not really sure. If they try to log in with oauth after they’ve changed their email and before they’ve added it as secondary then it’ll try to create a new account, I think.

Oh, that would be bad! Is there, perhaps, a way to allow the addition of a secondary email address while making the primary one fixed?

Right. I think that You can add the second address and then switch which is primary. You’ll have to try it.

It looks like it should work.

1 Like

Wait, sorry, I don’t think that answers my question. I guess I wasn’t clear. Right now, we have email editable turned off. This keeps the primary address fixed — and prevents the addition of a secondary one. It sounds like changing the primary address would cause problems (“it’ll try to create a new account”), so is there a way to enable the addition of a secondary email address which could be used for replies to messages without allowing the primary one to be changed?

Either you want to let the user edit their address or you don’t.

The primary address is the one that Discourse sends email to.

Sorry, let me rephrase the initial part. She doesn’t mind the mail coming from discourse to be directed to that inbox. However, her mail client is not configured to send mail from that address. It’s my understanding that if her usual address were added as a secondary, Discourse would understand to properly associate incoming responses (which are now rejected as not matching her email address).

Does that make sense?

Yeah secondary email should work here, I am not sure though of the implications here. You may not want to fiddle with the primary emails. Maybe give it a shot and see what happens?


Thanks! Is there a way to let users add secondary email addresses without allowing alteration of the primary?

Yeah, once emails are enabled you can add alternates in your account prefs. Try it on meta.

But here I can also change my primary address, right? That’s what happened on our site, too — I changed the email editable setting, and now I can both add a secondary address and change the primary. How can I make it so users can just do the first of those?

Sorry if I’m being dense!

I do not think we have this flexibility at the moment, closest you can probably do is disable fiddling with primary via CSS.

OAuth is keyed on a special key anyway, so the impact of fiddling with primary email should be extremely low, login will still work and be associated to the main fedora account.


Ah, OK. The discussion above made me think that it’d cause duplicate accounts.

Anything else I should be aware of?

Not sure, I guess the only other thing you should be aware of is that we build an admin interface for merging accounts… so worst case if you discover an issue you can sort it out yourself.


Thanks, Sam. Let’s find out!

1 Like