GitHub provider always chooses the first email

[Gioee]

Goals

The library should search in the users database if one of the provided email addresses from GitHub has already done a sign up. Otherwise it should create a new account with the first email provided by GitHub. Right now it's doing the same thing but just with the first email address provided by GitHub.

Non-Goals

No response

Background

The current alternative is to keep the signup page separated from the login page to avoid confusion for the final user, so if an user tries to login with GitHub and its primary mail doesn't have an account it should throw an error.

Proposal

next-auth/packages/core/src/providers/github.ts

Line 169 in a7491dc

profile.email = (emails.find((e) => e.primary) ?? emails[0]).email

Let's say a user has three email addresses: A, B, C.

The user signs up to a service using this library with his Google account that uses email A. Then after a few days the user tries to log in to the same service with a GitHub account that has email B, A and C. The service is going to make a new account since the email B hasn't been registered in the past. With this proposed modification it should log in with the email A that is in the GitHub account too.

[k-taro56]

Auth.js identifies users by the unique ID provided by the provider, not by the email address, so users can be recognized as the same user even if they have different email addresses.