# Login with Social Providers

**ID:** EU-005
**Priority:** Medium
**Status:** Planned

## User Story
As an end user, I want to log in using my existing Google, GitHub, or Microsoft account so that I don't have to remember another password.

## Acceptance Criteria
- [ ] User can sign in with Google
- [ ] User can sign in with GitHub
- [ ] User can sign in with Microsoft
- [ ] First-time social login creates a new account automatically
- [ ] Social login can be linked to existing account
- [ ] User can unlink social providers from settings
- [ ] Profile data (name, email, avatar) is imported from provider
- [ ] User can still set a password for email/password login

## Technical Notes
- Package.json keywords mention OAuth - infrastructure may be partially planned
- Implement OAuth 2.0 / OpenID Connect flows
- Store provider tokens securely for API access if needed
- Handle email conflicts (social email matches existing account)
- Consider using passport.js or similar for provider abstraction

## Related TODOs
- New feature - OAuth mentioned in package.json keywords but not implemented