Feature Request: Add Google as an Alternative Sign-In Method + Account Relinking Support
Summary
Currently, Drips Wave only supports GitHub OAuth for authentication. This creates a single point of failure — if a user's GitHub account gets flagged, suspended, or compromised, they are completely locked out of their Drips Wave account and all associated data, with no recovery path available.
Problem
When a GitHub account is flagged, GitHub displays the following error when attempting to authorize third-party apps:
"This account is flagged, and therefore cannot authorize a third party application."
This means the user cannot log in to Drips Wave at all. If the flagged account also cannot be recovered or reinstated, the user permanently loses access — with no way to switch to a different identity provider or update their linked account.
For a platform that may hold financial or protocol-related data, this is a critical access risk.
Proposed Solution
1. Add Google OAuth on the Login Page (/wave/login?backTo=/wave)
- Add a "Sign in with Google" button alongside the existing "Log in with GitHub" button.
- Either provider should be able to authenticate the user into the same account once linked.
2. Link a Google Account via Settings (/wave/settings/app-experience)
- Allow existing GitHub-authenticated users to bind a Google account as a backup sign-in method.
- Once linked, either provider can be used to access the same Drips Wave account.
3. Automatic Account Binding via Email Matching (for Locked-Out Users)
- For users who are already locked out of their GitHub account and cannot access Drips Wave at all, manually linking a Google account through settings is not an option.
- To handle this, when a user attempts to sign in with Google, the system should check if the email address on the Google account matches the email tied to an existing Drips Wave account (via GitHub).
- If a match is found, the system should automatically bind the Google account to the existing Drips profile and grant access — without requiring any manual intervention from the user or the Drips team.
- This allows permanently locked-out users to seamlessly recover their account simply by signing in with a Google account that shares the same email address.
4. Ability to Unlink and Relink Identity Providers via Profile/Settings
- Allow users to unlink a connected GitHub or Google account and replace it with a different one.
- This is critical for situations where the original linked account is permanently flagged, banned, or otherwise unrecoverable.
- To prevent accidental lockout, unlinking should only be permitted when at least one other sign-in method is already linked to the account.
Proposed User Flows
Linking a backup provider (while still logged in):
Settings → App Experience → Connected Accounts → "Link Google Account"
Recovering access when fully locked out:
Login page → "Sign in with Google" → System detects email match with existing account → Google account is automatically bound → User is logged in
Switching a compromised/unrecoverable provider:
Settings → App Experience → Connected Accounts → "Unlink GitHub" → "Link new GitHub account" (or keep Google as primary)
Why This Matters
- Resilience: Users retain access even if one identity provider's account is restricted or suspended.
- Recoverability: If an account cannot be reinstated, users have a path to relink without losing their Drips Wave data.
- Flexibility: Not everyone prefers GitHub as their primary identity provider.
- Security: Reduces hard dependency on a single OAuth provider with no fallback.
Acceptance Criteria
Additional Context
This is similar to how platforms like Notion and Linear allow users to connect and manage multiple identity providers on a single account. The unlink/relink capability in particular is a meaningful safety net for permanent account loss scenarios, not just temporary ones. The email-matching auto-bind approach is especially important for users who are already locked out and have no way to link accounts through the settings page.
Feature Request: Add Google as an Alternative Sign-In Method + Account Relinking Support
Summary
Currently, Drips Wave only supports GitHub OAuth for authentication. This creates a single point of failure — if a user's GitHub account gets flagged, suspended, or compromised, they are completely locked out of their Drips Wave account and all associated data, with no recovery path available.
Problem
When a GitHub account is flagged, GitHub displays the following error when attempting to authorize third-party apps:
This means the user cannot log in to Drips Wave at all. If the flagged account also cannot be recovered or reinstated, the user permanently loses access — with no way to switch to a different identity provider or update their linked account.
For a platform that may hold financial or protocol-related data, this is a critical access risk.
Proposed Solution
1. Add Google OAuth on the Login Page (
/wave/login?backTo=/wave)2. Link a Google Account via Settings (
/wave/settings/app-experience)3. Automatic Account Binding via Email Matching (for Locked-Out Users)
4. Ability to Unlink and Relink Identity Providers via Profile/Settings
Proposed User Flows
Linking a backup provider (while still logged in):
Settings → App Experience → Connected Accounts → "Link Google Account"
Recovering access when fully locked out:
Login page → "Sign in with Google" → System detects email match with existing account → Google account is automatically bound → User is logged in
Switching a compromised/unrecoverable provider:
Settings → App Experience → Connected Accounts → "Unlink GitHub" → "Link new GitHub account" (or keep Google as primary)
Why This Matters
Acceptance Criteria
Additional Context
This is similar to how platforms like Notion and Linear allow users to connect and manage multiple identity providers on a single account. The unlink/relink capability in particular is a meaningful safety net for permanent account loss scenarios, not just temporary ones. The email-matching auto-bind approach is especially important for users who are already locked out and have no way to link accounts through the settings page.