From 2d048d4cabf076172b14dafa662f4d16fe37860a Mon Sep 17 00:00:00 2001
From: "Torsten Schulz (local)" <tsschulz@gmx.net>
Date: Fri, 15 May 2026 14:30:56 +0200
Subject: [PATCH] feat(OAuth): enhance OAuth user handling and add localized
 messages

---
 backend/controllers/authController.js       | 4 ++--
 frontend/src/i18n/locales/ceb/settings.json | 4 ++++
 frontend/src/i18n/locales/de/settings.json  | 4 ++++
 frontend/src/i18n/locales/en/settings.json  | 4 ++++
 frontend/src/i18n/locales/es/settings.json  | 4 ++++
 frontend/src/i18n/locales/fr/settings.json  | 4 ++++
 frontend/src/views/settings/AccountView.vue | 5 +++--
 7 files changed, 25 insertions(+), 4 deletions(-)

diff --git a/backend/controllers/authController.js b/backend/controllers/authController.js
index 7d81a62..15688ad 100644
--- a/backend/controllers/authController.js
+++ b/backend/controllers/authController.js
@@ -106,7 +106,7 @@ class AuthController {
     }
 
     async oauthUserStart(req, res) {
-        const { userid: hashedUserId } = req.headers;
+        const hashedUserId = req.headers.userid || req.query.userid;
         const { provider } = req.params;
         try {
             const User = (await import('../models/community/user.js')).default;
@@ -127,7 +127,7 @@ class AuthController {
     }
 
     async oauthUserExchange(req, res) {
-        const { userid: hashedUserId } = req.headers;
+        const hashedUserId = req.headers.userid || req.query.userid;
         const { code, state } = req.body;
         try {
             const User = (await import('../models/community/user.js')).default;
diff --git a/frontend/src/i18n/locales/ceb/settings.json b/frontend/src/i18n/locales/ceb/settings.json
index 91523ff..6880ff6 100644
--- a/frontend/src/i18n/locales/ceb/settings.json
+++ b/frontend/src/i18n/locales/ceb/settings.json
@@ -163,6 +163,10 @@
                 "saved": "Malampuson nga nasave ang account settings.",
                 "saveError": "Adunay sayop sa pagsave sa account settings."
             },
+            "oauthTitle": "Gihisgutan nga mga Account",
+            "oauthIntro": "Ikonekta ang imong account sa usa ka eksternal nga provider aron magamit para sa pag-login.",
+            "oauthNoIdentities": "Wala pa'y gihisgutan nga eksternal nga account.",
+            "oauthRemoveConfirm": "Gusto ba nimo gyud nga tangtangon kining authentication?",
             "adultAccessTitle": "Erotik nga lugar",
             "adultAccessIntro": "Ang erotik nga lugar para lamang sa hamtong nga mga tiggamit ug gikinahanglan usab og pag-aprub sa moderator.",
             "requestAdultVerification": "Mangayo og pag-abli",
diff --git a/frontend/src/i18n/locales/de/settings.json b/frontend/src/i18n/locales/de/settings.json
index 46518f8..b0265f4 100644
--- a/frontend/src/i18n/locales/de/settings.json
+++ b/frontend/src/i18n/locales/de/settings.json
@@ -163,6 +163,10 @@
                 "saved": "Account-Einstellungen erfolgreich gespeichert.",
                 "saveError": "Ein Fehler ist beim Speichern der Account-Einstellungen aufgetreten."
             },
+            "oauthTitle": "Verbundene Konten",
+            "oauthIntro": "Verknüpfe deinen Account mit einem externen Anbieter, um dich damit einloggen zu können.",
+            "oauthNoIdentities": "Noch keine externen Konten verbunden.",
+            "oauthRemoveConfirm": "Möchtest du diese Authentifizierung wirklich entfernen?",
             "adultAccessTitle": "Erotikbereich",
             "adultAccessIntro": "Der Erotikbereich ist nur für volljährige Nutzer gedacht und wird zusätzlich durch Moderatoren freigeschaltet.",
             "requestAdultVerification": "Freischaltung anfragen",
diff --git a/frontend/src/i18n/locales/en/settings.json b/frontend/src/i18n/locales/en/settings.json
index 33d9443..6bff9d3 100644
--- a/frontend/src/i18n/locales/en/settings.json
+++ b/frontend/src/i18n/locales/en/settings.json
@@ -163,6 +163,10 @@
                 "saved": "Account settings saved successfully.",
                 "saveError": "An error occurred while saving the account settings."
             },
+            "oauthTitle": "Connected Accounts",
+            "oauthIntro": "Link your account with an external provider to use it for login.",
+            "oauthNoIdentities": "No external accounts connected yet.",
+            "oauthRemoveConfirm": "Do you really want to remove this authentication?",
             "adultAccessTitle": "Erotic area",
             "adultAccessIntro": "The erotic area is intended only for adult users and also requires moderator approval.",
             "requestAdultVerification": "Request access",
diff --git a/frontend/src/i18n/locales/es/settings.json b/frontend/src/i18n/locales/es/settings.json
index 5382914..f168042 100644
--- a/frontend/src/i18n/locales/es/settings.json
+++ b/frontend/src/i18n/locales/es/settings.json
@@ -163,6 +163,10 @@
                 "saved": "Los ajustes de la cuenta se guardaron correctamente.",
                 "saveError": "Se produjo un error al guardar los ajustes de la cuenta."
             },
+            "oauthTitle": "Cuentas conectadas",
+            "oauthIntro": "Vincula tu cuenta con un proveedor externo para poder iniciar sesión con él.",
+            "oauthNoIdentities": "Aún no hay cuentas externas conectadas.",
+            "oauthRemoveConfirm": "¿Realmente deseas eliminar esta autenticación?",
             "adultAccessTitle": "Área erótica",
             "adultAccessIntro": "El área erótica está destinada solo a usuarios adultos y además requiere aprobación de moderación.",
             "requestAdultVerification": "Solicitar acceso",
diff --git a/frontend/src/i18n/locales/fr/settings.json b/frontend/src/i18n/locales/fr/settings.json
index 26a9bb7..a60e34c 100644
--- a/frontend/src/i18n/locales/fr/settings.json
+++ b/frontend/src/i18n/locales/fr/settings.json
@@ -163,6 +163,10 @@
                 "saved": "Paramètres du compte enregistrés avec succès.",
                 "saveError": "Une erreur s'est produite lors de l'enregistrement des paramètres du compte."
             },
+            "oauthTitle": "Comptes connectés",
+            "oauthIntro": "Liez votre compte à un fournisseur externe pour pouvoir vous connecter avec.",
+            "oauthNoIdentities": "Aucun compte externe connecté pour l'instant.",
+            "oauthRemoveConfirm": "Voulez-vous vraiment supprimer cette authentification ?",
             "adultAccessTitle": "Espace érotique",
             "adultAccessIntro": "La zone érotique est uniquement destinée aux utilisateurs majeurs et est également activée par les modérateurs.",
             "requestAdultVerification": "Demander l'activation",
diff --git a/frontend/src/views/settings/AccountView.vue b/frontend/src/views/settings/AccountView.vue
index 87aa613..603c699 100644
--- a/frontend/src/views/settings/AccountView.vue
+++ b/frontend/src/views/settings/AccountView.vue
@@ -196,10 +196,11 @@ export default {
                 return;
             }
             this.oauthLoading = true;
-            window.location.href = `/api/auth/oauth/user/${encodeURIComponent(providerSlug)}/start`;
+            const uid = this.user?.hashedId || '';
+            window.location.href = `/api/auth/oauth/user/${encodeURIComponent(providerSlug)}/start?userid=${encodeURIComponent(uid)}`;
         },
         async removeOAuthIdentity(identityId) {
-            if (!confirm('Möchtest du diese Authentifizierung wirklich entfernen?')) {
+            if (!confirm(this.$t('settings.security.oauthRemoveConfirm'))) {
                 return;
             }