2 files changed, 20 insertions, 6 deletions

diff --git a/server/ui/controller/controller.go b/server/ui/controller/controller.go
index 8a45912b..8555c7b8 100644
--- a/server/ui/controller/controller.go
+++ b/server/ui/controller/controller.go
@@ -44,11 +44,12 @@ func (c *Controller) getCommonTemplateArgs(ctx *core.Context) (tplParams, error)
 	}
 
 	params := tplParams{
-		"menu":         "",
-		"user":         user,
-		"countUnread":  countUnread,
-		"csrf":         ctx.CSRF(),
-		"flashMessage": ctx.FlashMessage(),
+		"menu":              "",
+		"user":              user,
+		"countUnread":       countUnread,
+		"csrf":              ctx.CSRF(),
+		"flashMessage":      ctx.FlashMessage(),
+		"flashErrorMessage": ctx.FlashErrorMessage(),
 	}
 	return params, nil
 }
diff --git a/server/ui/controller/oauth2.go b/server/ui/controller/oauth2.go
index 25899ff2..2aaa5d7d 100644
--- a/server/ui/controller/oauth2.go
+++ b/server/ui/controller/oauth2.go
@@ -71,7 +71,20 @@ func (c *Controller) OAuth2Callback(ctx *core.Context, request *core.Request, re
 	}
 
 	if ctx.IsAuthenticated() {
-		user := ctx.LoggedUser()
+		user, err := c.store.UserByExtraField(profile.Key, profile.ID)
+		if err != nil {
+			response.HTML().ServerError(err)
+			return
+		}
+
+		if user != nil {
+			logger.Error("[OAuth2] User #%d cannot be associated because %s is already associated", ctx.UserID(), user.Username)
+			ctx.SetFlashErrorMessage(ctx.Translate("There is already someone associated with this provider!"))
+			response.Redirect(ctx.Route("settings"))
+			return
+		}
+
+		user = ctx.LoggedUser()
 		if err := c.store.UpdateExtraField(user.ID, profile.Key, profile.ID); err != nil {
 			response.HTML().ServerError(err)
 			return