Open obi-081 opened 4 years ago
I think the best solution would be to enable the developer to choose his own user resolver function. Like it is done in OpenID Connect authentication for Django Rest Framework with the OIDC_RESOLVE_USER_FUNCTION Parameter. https://github.com/ByteInternet/drf-oidc-auth
In Django, the email field is not unique, this means two users can have the same email sometimes. It would be great if each developer could choose how the User Lockup is done.
Hi !
My problem is that if a user already exist in the database with the same email but in different case, Django Microsoft Auth won't find him.
This is because in the file backend.py, line 162, we retrieve the User like this:
user = User.objects.get(email=data["email"])
Instead of like this (case insensitive):user = User.objects.get(email__iexact=data["email"])
Step to reproduce: