Open mojeto opened 6 years ago
@mojeto I found out today that there is a WAGTAIL_PASSWORD_MANAGEMENT_ENABLED
setting which should be disabled when authentication is handled by a third party. However I'm not sure how this applies here as if I remember correctly, we do both.
Good spotting @loicteixeira . We allow user password authentication in allauth. So keeping WAGTAIL_PASSWORD_MANAGEMENT_ENABLED means we may set user password in admin - good to keep that option. I would think more about WAGTAIL_PASSWORD_RESET_ENABLED
to be set to False
otherwise we have two different pages to reset user password.
Ref #70