boostorg / website-v2

New Boost website
https://boost.io
Boost Software License 1.0

social auth linked to website URL #815

Closed sdarwin closed 11 months ago

sdarwin commented 11 months ago

If a user signs up with "use GitHub" or "use Google" that process stores authentication information in the database linked to "preview.boost.org" and only "preview.boost.org".

In the future, when switching from "preview.boost.org" to "boost.org", social auth will be broken.

sdarwin commented 11 months ago

When switching the domain of the website, social auth would show an error. I had imagined that after a user went through the steps to sign up with GitHub or Google, it stored a token in the database, linked to the domain, and caused this issue if the domain was different. However, it looks like that might not be the case, and there is a solution.

In the admin panel at https://www.preview.boost.org/admin/socialaccount/socialapp/, social apps are linked to Google or GitHub via a client id and key. When migrating the domain (for example from "preview.boost.org" to "boost.org"), create a new OAuth app in GitHub itself, matching the new domain, and then copy-paste the keys into the /admin/ panel, so that OAuth is configured at the server-wide level (not per user) to authenticate to GitHub using the new domain.

To configure this in GitHub, follow steps similar to https://testdriven.io/blog/django-social-auth/, mentioned in development_setup_notes.md, but instead of port :8000 put the full official https: website URL. An id and key will be provided. The id and key go in "social applications" in the admin panel.

After making the modifications, social auth should work on the new domain (but not the previous one anymore).
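
An added example, not part of the original comments or the Boost website code: a pre-migration check that the callback URL registered in each OAuth app matches what the site will send from the new domain. It assumes django-allauth's default callback route is in use; `www.boost.org`, the function names and the sample registrations are constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: django-allauth's default callback route, not overridden by the site.
CALLBACK_PATH = "/accounts/{provider}/login/callback/"


def expected_callback(site_url, provider):
    """Callback URL the site will send as redirect_uri for this provider."""
    parts = urlsplit(site_url)
    if parts.scheme != "https" or not parts.hostname:
        raise ValueError(f"site URL must be a full https:// URL, got {site_url!r}")
    return f"https://{parts.netloc.lower()}" + CALLBACK_PATH.format(provider=provider)


def check_registrations(site_url, registered):
    """Compare each provider's registered callback with what the site sends.

    `registered` maps provider name -> callback URL entered in the OAuth app.
    Returns {provider: [problems]}; an empty list means the provider is ready.
    Scheme and host:port must match; a trailing slash on the path is ignored
    (an assumption of this sketch, providers differ in how strictly they match).
    """
    report = {}
    for provider, callback in registered.items():
        want = urlsplit(expected_callback(site_url, provider))
        have = urlsplit(callback)
        problems = []
        if have.scheme != want.scheme:
            problems.append(f"scheme is {have.scheme!r}, expected {want.scheme!r}")
        if have.netloc.lower() != want.netloc:
            problems.append(f"host is {have.netloc!r}, expected {want.netloc!r}")
        if have.path.rstrip("/") != want.path.rstrip("/"):
            problems.append(f"path is {have.path!r}, expected {want.path!r}")
        report[provider] = problems
    return report


# Constructed sample: GitHub app already recreated for the new domain,
# Google app still registered against the preview domain.
SAMPLE = {
    "github": "https://www.boost.org/accounts/github/login/callback/",
    "google": "https://www.preview.boost.org/accounts/google/login/callback/",
}

if __name__ == "__main__":
    for name, problems in check_registrations("https://www.boost.org", SAMPLE).items():
        print(name, "OK" if not problems else "; ".join(problems))
```

A provider that reports a host problem still points at the old domain and needs a new OAuth app (and new id and key in "social applications") before the switch.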