Fix/verify sso bug #14253
@@ -36,7 +36,7 @@ export async function searchExistingEmails(emails: string[]) { | |||
// lookup, could be email or userId, either will return a doc | |||
export async function getPlatformUser( | |||
identifier: string | |||
): Promise<PlatformUser | null> { | |||
): Promise<PlatformUser[] | PlatformUser | null> { |
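Review bot: The widened return type `PlatformUser[] | PlatformUser | null` on `getPlatformUser` leaves every caller to work out whether it received one document or several, and the comment above the function still says "either will return a doc". Consider returning one shape consistently (always `PlatformUser[]`, or narrowing to a single user in one place) and updating that comment, so that a caller which treats the result as a single `PlatformUser` fails at compile time rather than at runtime.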
In which case can it return an array? We are casting the result to a single user, and we are passing a single id.
It returns an array if the following Couch view finds more than one document:
const viewJs = `function(doc) {
  if (doc.tenantId) {
    emit(doc._id.toLowerCase(), doc._id)
  }
  if (doc.ssoId) {
    emit(doc.ssoId, doc._id)
  }
}`
In this case it is these two documents:
The document has the property ssoId, so emit that property as the key
The document has the property tenantId, so emit the _id property as the key
This will result in two documents matching the SSO ID.
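The collision described in the comment above can be reproduced in memory. This is an added example, not part of the original comment or the project's code: it runs the same map logic over constructed documents, and the helper names (`buildIndex`, `lookup`, `resolveSingle`), document shapes and identifiers are all assumptions made for illustration.

```javascript
// Same logic as the view's map function, with emit passed in explicitly.
function mapPlatformUser(doc, emit) {
  if (doc.tenantId) {
    emit(doc._id.toLowerCase(), doc._id)
  }
  if (doc.ssoId) {
    emit(doc.ssoId, doc._id)
  }
}

// Build the view index: one row per emit() call, tagged with the source doc id.
function buildIndex(docs) {
  const rows = []
  for (const doc of docs) {
    mapPlatformUser(doc, (key, value) => rows.push({ key, value, id: doc._id }))
  }
  return rows
}

// Hypothetical lookup that always returns an array, however many rows match.
function lookup(docs, identifier) {
  const byId = new Map(docs.map(d => [d._id, d]))
  return buildIndex(docs)
    .filter(row => row.key === identifier)
    .map(row => byId.get(row.id))
}

// Hypothetical strict resolver: null for no match, the doc for exactly one,
// and an error when several distinct documents share the identifier.
function resolveSingle(docs, identifier) {
  const matches = lookup(docs, identifier)
  const distinct = new Set(matches.map(d => d._id))
  if (distinct.size === 0) return null
  if (distinct.size > 1) {
    throw new Error(`ambiguous identifier: ${distinct.size} documents match`)
  }
  return matches[0]
}

// Constructed sample documents (not taken from a real database).
const SAMPLE_DOCS = [
  { _id: "SSO-ID-123", tenantId: "tenant_a" },  // emits lowercased _id as key
  { _id: "profile_1", ssoId: "sso-id-123" },    // emits ssoId as key
  { _id: "other@example.com", tenantId: "tenant_a" },
]
```

Looking up `"sso-id-123"` returns two documents because each `if` branch emits that key for a different document, which is the case a caller casting the result to a single user would miss.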
If this is the case, we might have all the usages wrong. You are casting the results as PlatformUser, so if it returns an array we will have issues. Should we handle the possible arrays on the usages? (e.g. packages/backend-core/src/users/db.ts, line 454)
Update the types to just return the array, or call getFirstPlatformUser where appropriate
Description
Niche bug with Microsoft SSO and password accounts.
When verifying an MS SSO email account, if this same email address had been used to create a password account by an admin, you would be unable to verify the email again if the user was deleted and re-added.
This is because the SSO user profile CouchDB doc was not being removed on deletion of the user.
Screenshots
When a Microsoft user is added with a password account, but signs in with SSO, you get multiple documents in Couch.
Deletion of the user in this screen was not removing the SSO user profile, which prevents subsequent email verification if that user is re-added.
Also updated the password reset screen:
https://linear.app/budibase/issue/GRO-560/make-the-reset-your-password-support-the-enter-key
password.screen.mov
Launchcontrol
Minor bug fix relating to Microsoft SSO