We already handled those that returns empty, but it appears that at
least Microsoft can also return null/None. If those show up, just treat
them as empty.
We don't want two different accounts to exist with the same email
address only differing in case. This had already happened for a few
which have been manually fixed, since it turns out we only enforced the
rule on new account creation, not when accounts changed email address or
when they were created using oauth. Also add database level constraints to
make sure this cannot happen again if some codepath is missed.
This should normally never happen, and should cause an error. But it
should cause an error saying "invalid state received", not an error
saying kaboom.
Not only can they be without names, they can be a one word name which
would cause a different crash. Again, allow that through and let the
user make manual adjustments if they wish.
We need access to email, firstname and lastname, which is also what we
ask for. If the user forcibly restricts access to that, give a
reasonable error message instead of crashing.
This creates Google, Github, Microsoft and Facebook login integrations.
Other providers can also be added if needed. Accounts still need to be
created in the community auth system, and will be automatically created
on first login, when the user also gets to pick a username. Once an
account exists, it will be matched on email address from the external
systems.
No methods are enabled by default, as they all require encryption keys
and identities configured in local_settings.py.
Review by Stephen Frost, Jonathan Katz and Daniel Gustafsson.
