Skip to content

SocialAccount

Links OAuth2/OIDC provider identity to local user.

Attributes:
provider: OAuth2 provider name (google, github, microsoft, oidc)
provider_user_id: Unique ID from the provider
user_id: Local user ID this account belongs to
display_name: Display name from provider (for UI)
email: Email from provider (for lookup, optional)
last_login_at: Last time this social account was used
Security:
- No sensitive data (tokens, secrets) stored here
- Only identity linking information
- Tokens are handled by OAuth2 flow, not persisted
Example:
# User signs in with Google
account = SocialAccount(
provider="google",
provider_user_id="1234567890",
user_id="user-001",
display_name="John Doe",
)

Source: social_account.py

Field Type Required Description Validators
provider str OAuth2 provider (google, github, microsoft, oidc) -
provider_user_id str Unique user ID from the provider -
user_id str Local user ID this account belongs to -
display_name str Display name from provider -
email None Email from provider (for lookup) -
last_login_at None Last time this social account was used for login -
Role Create Delete Read Write
User
Setting Value
Submittable False
Track Changes True

Controller hooks are implemented in *_controller.py files. Available lifecycle hooks:

  • validate() - Called before save, raise exceptions for validation errors
  • before_insert() - Called before inserting a new document
  • after_insert() - Called after successfully inserting
  • before_save() - Called before saving (insert or update)
  • after_save() - Called after saving
  • before_delete() - Called before deleting
  • after_delete() - Called after deleting