From 6e8f5569144efcb07144243c45c43b44990d2dcb Mon Sep 17 00:00:00 2001
From: Kashiftariq1997
Date: Fri, 23 Jan 2026 21:40:26 +0500
Subject: [PATCH 1/2] Fixed SSO login with company
---
app/controllers/sso_login_controller.rb | 28 ++++++++++++-------------
1 file changed, 13 insertions(+), 15 deletions(-)
diff --git a/app/controllers/sso_login_controller.rb b/app/controllers/sso_login_controller.rb
index 3cacc099..0d2d7339 100644
--- a/app/controllers/sso_login_controller.rb
+++ b/app/controllers/sso_login_controller.rb
@@ -65,24 +65,20 @@ class SsoLoginController < ApplicationController end def find_or_create_user(email, first_name, last_name, company_id = nil, company_name = nil) - # Find or create account based on company_id - account = find_or_create_account_by_company(company_id, company_name) - # Try to find existing user by email (email is unique globally) user = User.find_by(email: email) if user - # User exists - check if they're in the correct account - if user.account_id != account.id - # User exists but in a different account - # Move user to the correct account if company_id is provided - if company_id.present? - Rails.logger.info("Moving user #{email} from account #{user.account_id} to account #{account.id} (company_id: #{company_id})") - user.update(account_id: account.id) - else - # If no company_id provided, keep user in existing account but log warning - Rails.logger.warn("User #{email} exists in account #{user.account_id} but company_id not provided in token") - account = user.account # Use existing account + # User exists - KEEP them in their existing account + # Don't move users between accounts to preserve their data (files, templates, etc.) + account = user.account + Rails.logger.info("User #{email} exists in account #{account.id} (#{account.name}). Keeping in existing account.") + + # Log if company_id points to a different account (for debugging) + if company_id.present? || company_name.present? + expected_account = find_or_create_account_by_company(company_id, company_name) + if expected_account && user.account_id != expected_account.id + Rails.logger.warn("User #{email} is in account #{user.account_id} but company_id #{company_id} points to account #{expected_account.id}. User kept in existing account to preserve data.") end end 
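Review bot: In the existing-user branch, a mismatch between the token's company and the user's account is only logged with `Rails.logger.warn`, and the login then continues into the account found by e-mail alone. If the company claim is meant to act as a tenant boundary, that branch should end the login or hand off to an explicit account-linking step instead of warning; whether it is depends on how the token is issued and verified, which this hunk does not show. The same branch calls `find_or_create_account_by_company` only to build a log line, and going by its name it may create an account row for whatever company the token names, so a lookup that never creates would be safer on this path. The new log lines also write the user's e-mail and the account name; `user.id` would be enough for debugging. The body of `find_or_create_user` continues past the end of the hunk.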
@@ -96,7 +92,9 @@ class SsoLoginController < ApplicationController return user end - # User doesn't exist, create a new one in the specified account + # User doesn't exist - create account based on company_id and create new user + account = find_or_create_account_by_company(company_id, company_name) + # Generate a random password for the new user password = SecureRandom.hex(16) From 2c0959e8164d69fc6b182cef7cc4fd800e418715 Mon Sep 17 00:00:00 2001 From: Kashiftariq1997 Date: Fri, 23 Jan 2026 21:54:15 +0500 Subject: [PATCH 2/2] Fixed name update issue --- app/controllers/sso_login_controller.rb | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/app/controllers/sso_login_controller.rb b/app/controllers/sso_login_controller.rb index 0d2d7339..9bd11f62 100644 --- a/app/controllers/sso_login_controller.rb +++ b/app/controllers/sso_login_controller.rb @@ -82,10 +82,16 @@ class SsoLoginController < ApplicationController end end - # Update user info if provided and different + # Don't update name from SSO token for existing users + # This preserves user's manually updated profile information + # Only update if name fields are empty (initial setup) update_attrs = {} - update_attrs[:first_name] = first_name if first_name.present? && user.first_name != first_name - update_attrs[:last_name] = last_name if last_name.present? && user.last_name != last_name + if user.first_name.blank? && first_name.present? + update_attrs[:first_name] = first_name + end + if user.last_name.blank? && last_name.present? + update_attrs[:last_name] = last_name + end user.update(update_attrs) if update_attrs.any?
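Review bot: `account` is used for the new user without a nil check on the added line `account = find_or_create_account_by_company(company_id, company_name)`, while the existing-user branch of the same method guards the same call with `if expected_account && ...`. That guard suggests the helper can return nil, and both `company_id` and `company_name` default to nil in the signature. An explicit guard right after the call, for example `return nil unless account` or whatever failure the caller expects, would stop a user from being created without an account. A short comment stating which account a token with no company claim is supposed to land in would also help. The user creation itself lies outside the hunk, so how a nil `account` behaves there is not visible.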
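Review bot: The result of `user.update(update_attrs)` on the last line of the second patch's hunk is discarded, so a name from the token that fails validation leaves the blank profile fields blank with no trace. Since this write now runs only during the initial backfill, a false return is worth a log entry keyed on `user.id` rather than the e-mail. As a style point, the two three-line `if` blocks read more compactly in the modifier form the removed lines used, e.g. `update_attrs[:first_name] = first_name if user.first_name.blank? && first_name.present?`. The enclosing method starts and ends outside this hunk.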