In my app, I need an email for every user. Facebook inconveniently for me does not provide it as a part of public profile. So I ask for permission:
SOCIAL_AUTH_FACEBOOK_SCOPE = ['email', 'public_profile']
SOCIAL_AUTH_FACEBOOK_PROFILE_EXTRA_PARAMS = {
'fields': 'id,name,email',
}
Now, user has the option to not grant the email permission. I want to make registration impossible without granting this permission. How do I do it?
You need to add function to the authentication pipeline that enforces the email requirement or raises AuthForbidden instead. Here's an example:
from social_core.exceptions import AuthForbidden
def email_required(backend, details, user=None, *args, **kwargs):
if details.get('email') or user and user.email:
return
else:
raise AuthForbidden(backend)
You need to put that function before the user or social relation is created, so after social_uid should be fine.