SocialAccount
Links OAuth2/OIDC provider identity to local user.
Attributes:
provider: OAuth2 provider name (google, github, microsoft, oidc)
provider_user_id: Unique ID from the provider
user_id: Local user ID this account belongs to
display_name: Display name from provider (for UI)
email: Email from provider (for lookup, optional)
last_login_at: Last time this social account was used
Security:
- No sensitive data (tokens, secrets) stored here
- Only identity linking information
- Tokens are handled by OAuth2 flow, not persisted
Example:
# User signs in with Google
account = SocialAccount(
provider="google",
provider_user_id="1234567890",
user_id="user-001",
display_name="John Doe",
)
Source: social_account.py
Fields
| Field | Type | Required | Description | Validators |
|---|---|---|---|---|
| provider | str | OAuth2 provider (google, github, microsoft, oidc) | - | |
| provider_user_id | str | Unique user ID from the provider | - | |
| user_id | str | Local user ID this account belongs to | - | |
| display_name | str | Display name from provider | - | |
| str | None | Email from provider (for lookup) | ||
| last_login_at | datetime | None | Last time this social account was used for login |
Configuration
| Setting | Value |
|---|---|
| Submittable | False |
| Track Changes | True |
Controller
Controller hooks are implemented in *_controller.py files.
Available lifecycle hooks:
validate()- Called before save, raise exceptions for validation errorsbefore_insert()- Called before inserting a new documentafter_insert()- Called after successfully insertingbefore_save()- Called before saving (insert or update)after_save()- Called after savingbefore_delete()- Called before deletingafter_delete()- Called after deleting