Skip to content

[Exploratory] Dynamic login methods configuration #214

Open
Open
[Exploratory] Dynamic login methods configuration#214
@heysamtexas

Description

@heysamtexas
heysamtexas
opened on Aug 19, 2025

Description

EXPLORATORY TICKET - Research making django-allauth login methods configurable through admin interface.

⚠️ Complexity Warning: Login methods affect core authentication flow. Changes could break existing user sessions or authentication patterns.

Current State

Login methods hardcoded in settings.py:

  • ACCOUNT_LOGIN_METHODS = {"email"}
  • ACCOUNT_LOGIN_BY_CODE_ENABLED = False

Research Goals

  • Test if ACCOUNT_LOGIN_METHODS can be dynamically overridden
  • Investigate session/authentication compatibility issues
  • Research magic link login dynamic configuration
  • Document migration path for existing users

Potential Implementation

Add fields to SiteConfiguration:

  • allowed_login_methods - JSON field for login methods
  • magic_link_enabled - Boolean for code-based login

Critical Questions

  1. Do login method changes affect existing sessions?
  2. Can we safely switch between username/email login?
  3. What happens to users mid-authentication flow?
  4. Are there security implications of dynamic auth methods?

Risk Assessment

  • High Risk: Changes to core authentication behavior
  • Session Impact: May affect logged-in users
  • Migration Complexity: Existing user accounts may need updates

Labels: research, django-allauth, high-risk, complexity-warning
Priority: Low (Research only - proceed with caution)

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions