[Bug: auth] Social sign-in users should bypass email verification
Maybe you don't consider this a bug but I find this flow to be a bit confusing and I think should be amended. If your auth requires email verification and you have social sign on enabled and the scope includes email address, you should not have to verify the email address. It is presumed that the email address has already been verified. I think the email verification should be considered complete at time of registration when using social sign on with email scope, and it should skip the verification screen and go to the dashboard/authenticated user homepage.
Hey!
Thanks for reporthing this! I'll look into it!
Got a PR here: https://github.com/thedevdojo/auth/pull/189/changes
Could you check if this way it works as expected?
This actually brings me to another point...I have a really hard time testing OAuth locally...apparently Laravel created https://fwd.host to proxy OAuth requests through a legit TLD, but for some reason this doesn't work on Wave. It only detects the .test domain and doesn't see the fwd.host part.
If I try to use expose.dev or localhost, The OAuth flow begins to work, but upon redirection you get a 404 that says "cannot find /billing". I don't get it. Another bug?
Also, ChatGPT I guess gave an interesting perspective. https://chatgpt.com/share/697a4dd1-f7f8-800b-b57e-77b3d10c6b85
You shouldn't necessarily assume all providers have verified the email. Google and some others do and notate this with a specific flag returned, but not true for all. I personally only use Google so it's fine but it may not work for everyone, or perhaps the method should include this nuance.