[Question] Is it possible to make user lose access if social account is deleted?

RealmTeam / django-rest-framework-social-oauth2

python-social-auth and oauth2 support for django-rest-framework

MIT License

1.06k stars 191 forks source link

[Question] Is it possible to make user lose access if social account is deleted? #121

Closed felipejfc closed 7 years ago

felipejfc commented 7 years ago

Hi,

I want to use google auth to permit users from our company domain in one django app of ours, my question is: do this plugin works in a way that if an user email has been deleted it will lose access to the app? If so, what's the needed config?

Regards

PhilipGarnero commented 7 years ago

If your users account has been deleted, they won't be able to login using google anymore. However, they may have access token and refresh tokens they can still use. You can simply revoke all of your user's tokens and he won't be able to login anymore.