New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow social login to create new accounts if registration is disabled #574

Closed
tuaris opened this Issue Oct 25, 2017 · 4 comments

Comments

4 participants
@tuaris

tuaris commented Oct 25, 2017

This is related to #572

In a business setting you may want to have registrations disabled but still allow new users to sign in/create accounts using SSO that is limited to a specific domain.

Expected Behavior

SSO is enabled.
Registration is disabled -or- Registration is enabled but signup form is disabled
Domain restriction is enabled.

A new user attempts to sign on using SSO. The user account is automatically created.

Current Behavior

New users are unable to create accounts using company SSO when registration is disabled.
Or if Registration is enabled and SSO is enabled, a signup form is still present.

Steps to Reproduce

Enable SSO (ie Google)
Disable registration.

@s0n-

This comment has been minimized.

s0n- commented Oct 27, 2017

This is great! We have recently submitted an Okta Authentication and are running into this exact issue. Signing up and verifying isnt needed with SSO options. Would love this to be looked at so SSO options can automatically create the account and login.

@ssddanbrown

This comment has been minimized.

Member

ssddanbrown commented Nov 6, 2017

This is also somewhat related to #477.

My concern with this is that I'd like to support environments where registration is fully disabled but where SSO is used.

Maybe, instead of allowing registration when registration is enabled, This issue should be re-focused to something along the lines of Provide setting to disable registration with via standard username/password auth?

@ibrahimennafaa

This comment has been minimized.

Contributor

ibrahimennafaa commented Aug 15, 2018

@ssddanbrown I think this could be an important feature to have.

As part of a company, I want all my coworkers to be able to authenticate themselves using Google (with the domain of the company). If they login with Google and the user does not exist => a new user is created. If the user exists => we log him in.

For external users, I want to be able to create users with the right Role using the admin settings and set an email/password for them to access authorized books.

So if we simply add the option to automatically sign up users authnticated with Google for the first time, it could cover all use cases:

  • Allow signup of new users with email/password or no (depending on your need)
  • Allow Google auth on a specific domain
  • Do not require Google user of this specific domain to signup (automatically done on their first visit when they log in with Google)

I also would like to take this opportunity to thank you for this project. It's amazing and very helpful

@ssddanbrown

This comment has been minimized.

Member

ssddanbrown commented Sep 21, 2018

As of commit e60d11e this behaviour should now be possible.

Using Google, for example, setting:

GOOGLE_AUTO_REGISTER=true
GOOGLE_AUTO_CONFIRM_EMAIL=true

in your .env file will allow registration via Google from the login page and will also skip email confirmation for google-signups while still checking the domain.

Will be in the next release due within the next few days. Therefore I'll close this issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment