In my Django application I am using Python Social Auth to use Google OAuth for my site's login. As part of the login mechanism, the authentication middleware appends a User object to each request. Because of this I can easily access user emails through request.user.email on my server (which I don't want because of my site's privacy policy).
So is there a way to use third-party authentication systems without getting user emails on my server side?
I am fine with writing code that assigns a username/alias to a first-time user, which shall be used in future references.
You can configure Google OAuth scope to not request the client's email from Google.
Example settings:
SOCIAL_AUTH_GOOGLE_OAUTH2_IGNORE_DEFAULT_SCOPE = True
SOCIAL_AUTH_GOOGLE_OAUTH2_SCOPE = [
    # only put here things that you want google to return
    'https://www.googleapis.com/auth/userinfo.profile',
    # something else ...
]
All Google OAuth2 scopes are listed in this table: https://developers.google.com/identity/protocols/googlescopes#oauth2v2
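
As a complement to the scope settings above, this added example (not code from the original answer or from Python Social Auth) sketches a custom pipeline step that blanks any email in the provider details and assigns a keyed pseudonymous alias as the username. The names `anonymize_details`, `make_alias`, `ALIAS_KEY` and `FakeBackend` are hypothetical, and the step is assumed to sit in SOCIAL_AUTH_PIPELINE after get_username and before create_user.

```python
import hashlib
import hmac

# Constructed demo key (assumption): load a real one from your secret store.
ALIAS_KEY = b"constructed-demo-key"


def make_alias(provider, uid, key=ALIAS_KEY):
    """Stable pseudonym for (provider, uid); not reversible without the key."""
    mac = hmac.new(key, f"{provider}:{uid}".encode(), hashlib.sha256)
    return "user-" + mac.hexdigest()[:16]


def anonymize_details(backend, details, uid, *args, **kwargs):
    """Hypothetical pipeline step: drop the email and assign an alias.

    The returned dict is merged into the pipeline state, so later steps
    (create_user, user_details) see the blank email and the alias.
    """
    # The Google backend uses the email as uid unless
    # SOCIAL_AUTH_GOOGLE_OAUTH2_USE_UNIQUE_USER_ID = True; refuse to store it.
    if "@" in str(uid):
        raise ValueError("provider uid looks like an email address")
    clean = dict(details, email="")  # copy, so the caller's dict is untouched
    return {"details": clean, "username": make_alias(backend.name, uid)}


class FakeBackend:
    """Constructed stand-in for a social_core backend (only .name is used)."""
    name = "google-oauth2"


# Constructed sample of the details dict a pipeline step receives.
SAMPLE_DETAILS = {"username": "jdoe", "email": "jdoe@example.com",
                  "fullname": "J Doe"}

if __name__ == "__main__":
    print(anonymize_details(FakeBackend(), SAMPLE_DETAILS, "1234567890"))
```

The guard on `uid` matters because the social-auth association row stores the uid as well, so an email-shaped uid would put the address back in the database even when the User record has none.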