SocialAccount
Links OAuth2/OIDC provider identity to local user.
Attributes: provider: OAuth2 provider name (google, github, microsoft, oidc) provider_user_id: Unique ID from the provider user_id: Local user ID this account belongs to display_name: Display name from provider (for UI) email: Email from provider (for lookup, optional) last_login_at: Last time this social account was used
Security: - No sensitive data (tokens, secrets) stored here - Only identity linking information - Tokens are handled by OAuth2 flow, not persisted
Example: # User signs in with Google account = SocialAccount( provider="google", provider_user_id="1234567890", user_id="user-001", display_name="John Doe", )Source: social_account.py
Fields
Section titled “Fields”| Field | Type | Required | Description | Validators |
|---|---|---|---|---|
| provider | str | OAuth2 provider (google, github, microsoft, oidc) | - | |
| provider_user_id | str | Unique user ID from the provider | - | |
| user_id | str | Local user ID this account belongs to | - | |
| display_name | str | Display name from provider | - | |
| None | Email from provider (for lookup) | - | ||
| last_login_at | None | Last time this social account was used for login | - |
Permissions
Section titled “Permissions”| Role | Create | Delete | Read | Write |
|---|---|---|---|---|
| User | ✓ | ✓ |
Configuration
Section titled “Configuration”| Setting | Value |
|---|---|
| Submittable | False |
| Track Changes | True |
Controller
Section titled “Controller”Controller hooks are implemented in *_controller.py files.
Available lifecycle hooks:
validate()- Called before save, raise exceptions for validation errorsbefore_insert()- Called before inserting a new documentafter_insert()- Called after successfully insertingbefore_save()- Called before saving (insert or update)after_save()- Called after savingbefore_delete()- Called before deletingafter_delete()- Called after deleting