Prevent two accounts from behing linked to the same external account

back/src/Kyoo.Authentication/Controllers/OidcController.cs

@@ -112,9 +112,12 @@ public class OidcController(
 		return user;
 	}
 
-	public async Task<User> LinkAccount(Guid userId, string provider, string code)
+	public async Task<User> LinkAccountOrLogin(Guid userId, string provider, string code)
 	{
 		(_, ExternalToken extToken) = await _TranslateCode(provider, code);
+		User? user = await users.GetByExternalId(provider, extToken.Id);
+		if (user != null)
+			return user;
 		return await users.AddExternalToken(userId, provider, extToken);
 	}
 }

back/src/Kyoo.Authentication/Views/AuthApi.cs

@@ -173,7 +173,7 @@ namespace Kyoo.Authentication.Views
 
 			Guid? userId = User.GetId();
 			User user = userId.HasValue
-				? await oidc.LinkAccount(userId.Value, provider, code)
+				? await oidc.LinkAccountOrLogin(userId.Value, provider, code)
 				: await oidc.LoginViaCode(provider, code);
 			return new JwtToken(
 				tokenController.CreateAccessToken(user, out TimeSpan expireIn),

back/tests/Kyoo.Tests/Database/RepositoryActivator.cs

@@ -59,7 +59,7 @@ namespace Kyoo.Tests.Database
 			SeasonRepository season = new(_NewContext(), thumbs.Object);
 			LibraryItemRepository libraryItem = new(_NewConnection(), new(null));
 			EpisodeRepository episode = new(_NewContext(), show, thumbs.Object);
-			UserRepository user = new(_NewContext(), _NewConnection(), new(null), thumbs.Object);
+			UserRepository user = new(_NewContext(), _NewConnection(), new(null), thumbs.Object, new());
 
 			_repositories = new IBaseRepository[]
 			{