Skip to content
This repository has been archived by the owner on Sep 7, 2023. It is now read-only.

Releases: sultaniman/django-auth0

Tiny

24 Sep 18:46
@sultaniman sultaniman
v0.0.3
fa99e6f
Compare
Choose a tag to compare
Tiny Latest
Latest

This update addresses two issues #4 #5 to provide users with more consistent processing of usernames and emails thanks to @brendonjohn.

Release details

#4

the order of values in AUTHENTICATION_BACKENDS for a projects settings is the order that Django will attempt to authenticate a user. If the Auth0Backend is used first, you're not able to login to the Django admin. This is because Auth0Backend assumes an email will be provided and then raise a Value error.

#5
In the Auth0Backend the authenticate method handles the auth0 payload.

The username field for users are supposed to be unique. Currently the nickname key in the payload is used as the username. This is not suitable as the nickname is not unique.

Example:

  • I sign up an account where my email is [email protected]. Auth0 will provide brendon as the nickname
  • Someone else signs up where their email is brendon@newperson. Auth0 will set their nickname to also be brendon.

When the second user attempts to signup, the unique constraint on the username field will be violated and so an error is thrown.

Auth0 gives two methods for identifying users. I suggest replacing the use of nickname with user_id

Assets 2
Loading