Skip to content

Connect and disconnect social accounts in account settings#78

Merged
ICubE01 merged 11 commits into
mainfrom
feature/connect-identities
Jun 29, 2026
Merged

Connect and disconnect social accounts in account settings#78
ICubE01 merged 11 commits into
mainfrom
feature/connect-identities

Conversation

@ICubE01

@ICubE01 ICubE01 commented Jun 29, 2026

Copy link
Copy Markdown
Owner

Summary

  • Account settings now lets users connect and disconnect Google, Naver, and Kakao accounts to their existing account.
  • Social login and connect now require a verified email from the provider (Google and Kakao), so an account cannot be created or linked with an unverified address.
  • Connect/disconnect failures show localized messages instead of raw English.

Backend

Features

  • EmailNotVerifiedException + SocialAuthController handler return 400 with a clear message when the provider email is unverified.
  • GoogleOidcProviderClient now rejects unverified emails via EmailNotVerifiedException.
  • KakaoOidcProviderClient verifies is_email_verified / is_email_valid against Kakao's classic user API (Kakao's OIDC ID token omits the claim); a RestClientException from that call is mapped to an OAuth error rather than surfacing as a 500.
  • application.yaml: override Kakao user-info-uri to the classic user API that exposes the verification flags.

Frontend

Features

  • AccountPage: new "외부 계정 연결" section to connect/disconnect each provider.
  • SocialCallbackPage: detects connect-vs-login intent via sessionStorage, refreshes the access token before connecting (so a token that expired on the consent screen no longer fails the link), and connects through the authenticated endpoint.
  • socialAuthErrors: Korean translations for the connect/disconnect and email-not-verified errors.

Refactor

  • useAuth.refresh() now returns the new access token.
  • Extract resolveResponseError to dedupe social-auth error-body parsing.

Chore

  • Add the Naver green icon and favicon; rename NaverIcon to NaverIconWhite.

ICubE01 added 11 commits June 30, 2026 00:49
- Additional social identity connection sets an item in session storage
- The page detects it then decides whether to log in or connect
useAuth.refresh now returns the new access token. SocialCallbackPage's
connect path refreshes first and sends the connect request via raw fetch
with that fresh token, so a token that expired during the provider consent
screen no longer fails the connect. Using fetch instead of useAxios also
avoids the 401 interceptor retrying genuine OAuth errors (which the backend
returns as 401) after the code/state have already been consumed.
@ICubE01
ICubE01 merged commit 10d3b5d into main Jun 29, 2026
2 checks passed
@ICubE01
ICubE01 deleted the feature/connect-identities branch June 29, 2026 18:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant