Create individual users

Author: matthiask

app/settings.py

@@ -23,8 +23,9 @@
 
 BASE_DIR = Path(__file__).resolve().parent.parent
 
-ADMINS = [("FEINHEIT Developers", "[email protected]")]
-MANAGERS = ADMINS
+# These values may be overridden using environment variables. ADMINS as is,
+# DEFAULT_FROM_EMAIL and SERVER_EMAIL using EMAIL_URL
+ADMINS = MANAGERS = env("ADMINS", default=[("FEINHEIT Developers", "[email protected]")])
 SERVER_EMAIL = DEFAULT_FROM_EMAIL = "[email protected]"
 
 DATABASES = {"default": django_database_url(env("DATABASE_URL", required=True))}
@@ -181,7 +182,9 @@
 else:
     os.environ["OAUTHLIB_INSECURE_TRANSPORT"] = "1"
 
-ADMIN_OAUTH_PATTERNS = [(r"@feinheit\.ch", "[email protected]")]
+SSO_DOMAINS = env("SSO_DOMAINS", default=r"@feinheit\.ch$")
+ADMIN_OAUTH_PATTERNS = [(SSO_DOMAINS, lambda match: match[0])]
+ADMIN_OAUTH_CREATE_USER_CALLBACK = "app.sso.create_user_callback"
 
 LOGIN_URL = reverse_lazy("login")
 LOGIN_REDIRECT_URL = "/"

app/sso.py

@@ -0,0 +1,8 @@
+from authlib.little_auth.models import User
+
+
+def create_user_callback(request, user_mail):
+    # SSO users automatically get superuser access
+    user = User(email=user_mail, is_superuser=True)
+    user.set_unusable_password()
+    user.save()