Django-allauth integration

[mojeto]

• Enables social account Sign Up and login.
  • Only Google for now.
• Google social provider has to be configured manually in django admin after deploy.
• It works with Wagtail for single site configuration (one site in django sites and one site in wagtail site)
• I haven't tested it for multi site configuration.
• Requires Enable SSL #68 to be fixed.
• Sign In by standard credentials is allowed.
• Adds an option to Sign Up (by Google or standard credentials).

Ref #70

[loicteixeira]

Where is is defined now?

[mojeto]

All login pages points to django-allauth login page.
Wagtail admin login page is redirect in urls.py

LOGIN_URL defined in base.py on line 205 now.

[loicteixeira]

Ah sorry, I missed the double assignment WAGTAIL_FRONTEND_LOGIN_URL = LOGIN_URL = ...

[loicteixeira]

I believe some of those steps to be done already?

[mojeto]

I created a testing project to run it and test it locally. A new project (owned by somebody else than me) should be created for the live site.

[loicteixeira]

Approving for the back-end work but as discussed offline, it will need some styling before merging.

[loicteixeira]

@mojeto I found out today that there is a WAGTAIL_PASSWORD_MANAGEMENT_ENABLED setting which should be disabled when authentication is handled by a third party. However I'm not sure how this applies here as if I remember correctly, we do both.

[mojeto]

Good spotting @loicteixeira . We allow user password authentication in allauth. So keeping WAGTAIL_PASSWORD_MANAGEMENT_ENABLED means we may set user password in admin - good to keep that option. I would think more about WAGTAIL_PASSWORD_RESET_ENABLED to be set to False otherwise we have two different pages to reset user password.