In tokens.py the is_superuser status of a user will always be overwritten by this library.
```python
user.is_superuser = bool(
    self.config.superuser_group
    and "groups" in claims
    and self.config.superuser_group in claims["groups"]
)
```
Make this code optional via settings so when an existing user is authenticated the already existing is_superuser status can be used.
I ran into this limitation as the groups scope is not returned in the flow unless one has the API Access Management feature in Okta, which allows a custom authorization server (see here), so I could not use the SUPERUSER_GROUP setting.
Same applies to is_staff.
Andras1000 changed the title from "Allow to leave control of is_superuser status with Django" to "Leave control of is_superuser status with Django by default" on Mar 31, 2021
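The behaviour reported in this issue and the requested opt-out, as an added sketch that is not code from the library or from the issue author. `User`, `Config`, `apply_flags`, `staff_group` and `manage_flags` are hypothetical names; only `superuser_group` and the boolean expression come from the quoted snippet.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass
class User:
    # Stand-in for a Django user; only the two flags matter here.
    username: str
    is_superuser: bool = False
    is_staff: bool = False


@dataclass
class Config:
    # superuser_group mirrors the attribute in the quoted snippet; staff_group
    # and manage_flags are hypothetical names for this sketch.
    superuser_group: Optional[str] = None
    staff_group: Optional[str] = None
    manage_flags: bool = True  # True reproduces the always-overwrite behaviour


def flag_from_claims(group: Optional[str], claims: dict) -> bool:
    # Same expression as the quoted snippet, factored out for both flags.
    return bool(group and "groups" in claims and group in claims["groups"])


def apply_flags(user: User, claims: dict, config: Config) -> list:
    """Update flags from token claims; return the names of flags that changed."""
    changed = []
    for attr, group in (("is_superuser", config.superuser_group),
                        ("is_staff", config.staff_group)):
        if not config.manage_flags:
            continue  # opt-out: Django keeps control of the flag
        new = flag_from_claims(group, claims)
        if getattr(user, attr) != new:
            setattr(user, attr, new)
            changed.append(attr)
    return changed


# Constructed ID-token claims without a "groups" entry, as described in the issue.
CLAIMS_NO_GROUPS = {"sub": "00u-example", "email": "admin@example.com"}

if __name__ == "__main__":
    admin = User("admin", is_superuser=True, is_staff=True)
    print(apply_flags(admin, CLAIMS_NO_GROUPS, Config()))
    admin = User("admin", is_superuser=True, is_staff=True)
    print(apply_flags(admin, CLAIMS_NO_GROUPS, Config(manage_flags=False)))
```

With the opt-out enabled, removing a user from the identity provider's group no longer clears the Django flag, so revocation has to be handled in Django. The returned list of changed flags is suitable for an audit log entry on each login.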