feat: login user via email instead of username

dervoeti · dervoeti · commit cd27e53e3e3d · 2025-04-03T11:58:29.000+02:00
diff --git a/backend/application/access_control/services/oidc_authentication.py b/backend/application/access_control/services/oidc_authentication.py
@@ -12,7 +12,7 @@
 from rest_framework.request import Request
 
 from application.access_control.models import Authorization_Group, User
-from application.access_control.queries.user import get_user_by_username
+from application.access_control.queries.user import get_user_by_email
 from application.commons.models import Settings
 
 OIDC_PREFIX = "Bearer"
@@ -71,12 +71,12 @@ def _validate_jwt(self, token: str) -> Optional[User]:
                 algorithms=ALGORITHMS,
                 audience=os.environ["OIDC_CLIENT_ID"],
             )
-            username = payload.get(os.environ["OIDC_USERNAME"])
-            user = get_user_by_username(username)
+            email = payload.get(os.environ["OIDC_EMAIL"])
+            user = get_user_by_email(email)
             if user:
                 user = self._check_user_change(user, payload)
                 return user
-            return self._create_user(username, payload)
+            return self._create_user(email, payload)
         except jwt.PyJWTError as e:
             raise AuthenticationFailed(str(e)) from e
 
@@ -94,10 +94,10 @@ def _get_jwks_uri(self) -> str:
 
         return jwks_uri
 
-    def _create_user(self, username: str, payload: dict) -> User:
-        user = User(username=username, first_name="", last_name="", email="")
-        if os.environ.get("OIDC_EMAIL"):
-            user.email = payload[os.environ["OIDC_EMAIL"]]
+    def _create_user(self, email: str, payload: dict) -> User:
+        user = User(email=email, first_name="", last_name="", username="")
+        if os.environ.get("OIDC_USERNAME"):
+            user.username = payload[os.environ["OIDC_USERNAME"]]
         if os.environ.get("OIDC_FULL_NAME"):
             user.full_name = payload[os.environ["OIDC_FULL_NAME"]]
         if os.environ.get("OIDC_FIRST_NAME"):
@@ -126,15 +126,15 @@ def _create_user(self, username: str, payload: dict) -> User:
             return user
         except IntegrityError as e:
             # User was most likely created by another request
-            existing_user = get_user_by_username(username)
+            existing_user = get_user_by_email(email)
             if not existing_user:
                 raise e
             return existing_user
 
     def _check_user_change(self, user: User, payload: dict) -> User:
         user_changed = False
-        if os.environ.get("OIDC_EMAIL") and user.email != payload[os.environ["OIDC_EMAIL"]]:
-            user.email = payload[os.environ["OIDC_EMAIL"]]
+        if os.environ.get("OIDC_USERNAME") and user.username != payload[os.environ["OIDC_USERNAME"]]:
+            user.username = payload[os.environ["OIDC_USERNAME"]]
             user_changed = True
         if os.environ.get("OIDC_FULL_NAME") and user.full_name != payload[os.environ["OIDC_FULL_NAME"]]:
             user.full_name = payload[os.environ["OIDC_FULL_NAME"]]
diff --git a/backend/pyproject.toml b/backend/pyproject.toml
@@ -14,9 +14,9 @@ python = ">= 3.10, < 3.13"
 gunicorn = "23.0.0"  # https://github.com/benoitc/gunicorn
 django = "5.1.7"  # https://www.djangoproject.com/
 django-environ = "0.12.0"  # https://github.com/joke2k/django-environ
-django-filter = "25.1"  # https://github.com/carltongibson/django-filter
+django-filter = "25.1"  # https://github.com/carltongibson/django-filter 
 django-csp = "3.8"  # https://github.com/mozilla/django-csp
-django-picklefield = "3.3"  # https://github.com/gintas/django-picklefield
+django-picklefield = "3.3"  # https://github.com/gintas/django-picklefield 
 django-encrypted-model-fields = "0.6.5"  # https://gitlab.com/lansharkconsulting/django/django-encrypted-model-fields
 argon2-cffi = "23.1.0"  # https://github.com/hynek/argon2_cffi
 whitenoise = "6.9.0"  # https://github.com/evansd/whitenoise
@@ -27,7 +27,7 @@ django-cors-headers = "4.7.0" # https://github.com/adamchainz/django-cors-header
 # OpenAPI 3
 # ------------------------------------------------------------------------------
 drf-spectacular = "0.28.0" # https://github.com/tfranzel/drf-spectacular
-drf-spectacular-sidecar = "2025.3.1"  # https://github.com/tfranzel/drf-spectacular-sidecar
+drf-spectacular-sidecar = "2025.4.1"  # https://github.com/tfranzel/drf-spectacular-sidecar
 # Token authentication
 # ------------------------------------------------------------------------------
 PyJWT = "2.10.1"  # https://github.com/jpadilla/pyjwt
