allauth 65.14.2 stopped trusting X-Forwarded-For by default. Since
Tandoor's internal nginx proxies to gunicorn via a unix socket,
REMOTE_ADDR is always empty, causing PermissionDenied on every
rate-limited endpoint (login, signup, password reset). Default to 1
for the built-in nginx so login works out of the box.
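Added example (not Tandoor's or django-allauth's code) showing the resolution logic the message above is about: behind a proxy that speaks to the app over a unix socket, REMOTE_ADDR is empty, so an app that stops trusting X-Forwarded-For has nothing to rate-limit on and must deny. The function name `client_ip` and the `trusted_proxies` hop count are assumptions for the illustration; the point is that only the last N entries of X-Forwarded-For were written by proxies you control, so the client address is the entry those proxies appended, and anything further left is client-supplied and ignored.

```python
import ipaddress


def _valid_ip(value):
    """True if value parses as an IPv4 or IPv6 address."""
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False


def client_ip(meta, trusted_proxies=0):
    """Return the client IP for a WSGI-style META dict, or None if unknown.

    trusted_proxies == 0: X-Forwarded-For is untrusted; only REMOTE_ADDR counts.
                          With a unix-socket upstream REMOTE_ADDR is empty, so
                          this returns None (the PermissionDenied case above).
    trusted_proxies == n: the last n entries of X-Forwarded-For were appended
                          by proxies we operate. Each proxy appends the address
                          of its own peer, so the first trusted proxy appended
                          the real client, which sits at index -n. Entries to
                          the left of it came from the client and are ignored.
    """
    remote = (meta.get("REMOTE_ADDR") or "").strip()
    if trusted_proxies <= 0:
        return remote if _valid_ip(remote) else None

    xff = meta.get("HTTP_X_FORWARDED_FOR", "") or ""
    hops = [h.strip() for h in xff.split(",") if h.strip()]
    # Our proxies always append exactly one hop each; a shorter header means the
    # request did not pass through them (or the header was stripped), so deny.
    if len(hops) < trusted_proxies:
        return None
    candidate = hops[-trusted_proxies]
    return candidate if _valid_ip(candidate) else None


if __name__ == "__main__":
    # Constructed sample: nginx -> gunicorn over a socket, one trusted hop.
    meta = {"REMOTE_ADDR": "", "HTTP_X_FORWARDED_FOR": "10.0.0.1, 203.0.113.5"}
    print(client_ip(meta, 0))  # None: nothing to rate-limit on
    print(client_ip(meta, 1))  # 203.0.113.5: spoofed left entry ignored
```

Setting the trusted hop count to 1 only makes sense when the app is reachable exclusively through that one proxy; if gunicorn also listens on a TCP port, a client hitting it directly can choose its own X-Forwarded-For and therefore its own rate-limit bucket.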
- Fix invite link: authenticated user already in space now redirects
to index instead of incorrectly redirecting to signup
- Fix bare except in system view social provider enumeration
- Add 10 new tests (31 total): social adapter _mask_email, error
caching with email masking, cache cap at 50, invite link group
verification, space deactivation, already-in-space redirect,
nonexistent UUID
- Fix formatting warning indentation in authentication docs
- Fix misleading SOCIALACCOUNT_AUTO_SIGNUP note — email matching
works independently, not dependent on AUTO_SIGNUP setting
- Move AUTO_SIGNUP info block below the example
- Use HIDE_LOGIN_FORM in example instead of SOCIALACCOUNT_ONLY
- Consolidate configuration.md social auth into settings table
with cross-links to authentication feature docs
The superuser gate was wrong — the error page is shown to
unauthenticated users who just failed login, so nobody would
ever see the details. The exception info from allauth is safe
to display (provider name, error code, message — not stack traces).
- Fix "ins" typo in authentication.md
- Update outdated allauth docs URL to docs.allauth.org
- Add cross-reference table for all social auth settings in
configuration.md with links to authentication.md sections
- Gate exception details in error page behind superuser check
- Mask email addresses in cached social login errors
- Fix N+1 query in system view: batch SocialAccount counts
- Clean up lazy imports in social_adapter.py (move to top level)
- Remove duplicate django_scopes import in views.py
- Fix SOCIAL_DEFAULT_ACCESS documented as space ID (is boolean)
- Fix misleading "invite-only" example title and clarify that
account creation is controlled at the identity provider level
- Remove redundant ENABLE_SIGNUP=0 from social-only example
- Update Django Admin section with explicit /admin/ path
- Fix ENABLE_SIGNUP info box to reference SOCIALACCOUNT_AUTO_SIGNUP
- Fix trailing comma in SOCIAL_PROVIDERS example
- Fix Keycloak example line break in code block
- Add SOCIALACCOUNT_AUTO_SIGNUP and SOCIALACCOUNT_ONLY env settings
- Fix is_open_for_signup: scope ENABLE_SIGNUP check to account_signup
view only, allowing OAuth callbacks through (was blocking social
auto-signup when ENABLE_SIGNUP=0)
- Fix invite link redirect for SOCIALACCOUNT_ONLY mode
- Add pre_social_login hook to warn when unverified provider emails
prevent email-based account matching
- Guard SOCIAL_DEFAULT_ACCESS against missing Space or Group (crash→warning)
- Add startup warnings for lockout configs (SOCIALACCOUNT_ONLY without
providers, HIDE_LOGIN_FORM without auth methods, EMAIL_AUTHENTICATION
without email config)
- Document invite-only workflow, verified email requirements, and all
new settings
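Added example (not the project's code) for the two items that recur in the messages above: masking email addresses in cached social login errors, and capping that cache at 50 entries. The names `mask_email`, `mask_emails_in` and `BoundedErrorCache`, and the masking format (first character of the local part, then `***`, domain kept), are assumptions; the message text is constructed. Keeping the domain preserves the information an admin needs to debug a provider mismatch while the cache never holds a full address.

```python
import re
from collections import OrderedDict

# Deliberately simple: the goal is to find addresses to redact, not to validate them.
_EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def mask_email(address):
    """Mask the local part of an address, keeping its first character and the domain."""
    local, _, domain = address.partition("@")
    if not local or not domain:
        return address
    return local[0] + "***@" + domain


def mask_emails_in(text):
    """Replace every email address embedded in a free-form message."""
    return _EMAIL_RE.sub(lambda m: mask_email(m.group(0)), text)


class BoundedErrorCache:
    """Keeps the most recent `cap` login errors, oldest evicted first.

    Only provider name, error code and the (masked) message are stored,
    never a stack trace.
    """

    def __init__(self, cap=50):
        self.cap = cap
        self._entries = OrderedDict()

    def record(self, key, provider, code, message):
        entry = {"provider": provider, "code": code, "message": mask_emails_in(message)}
        self._entries[key] = entry
        self._entries.move_to_end(key)  # re-recording a key makes it newest again
        while len(self._entries) > self.cap:
            self._entries.popitem(last=False)  # drop the oldest
        return entry

    def get(self, key):
        return self._entries.get(key)

    def __len__(self):
        return len(self._entries)


if __name__ == "__main__":
    cache = BoundedErrorCache()
    # Constructed message, as a provider error might carry a user's address.
    print(cache.record("s1", "keycloak", "email_unverified",
                       "Could not match bob.smith@example.org to an account")["message"])
```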
Remove pyppeteer from requirements and comment out all PDF export
code paths. API endpoints return an error message directing users
to browser print (Ctrl+P) instead.
- Clarified which Mealie exports are supported
- Corrected capitalization, punctuation and spelling throughout the document for consistency and clarity.
When using social login as the primary login method, it is sometimes
desirable to hide the regular login form so users are forced to log in
via the social login methods.
This patch adds an additional setting controlled by the boolean
environment variable HIDE_LOGIN_FORM, which when enabled prevents the
display of the login form, forgot password, and sign-up buttons, as long
as there is at least one available social login provider.
This behaviour can be bypassed by adding ?form=1 to the login URL,
allowing the use of a local admin account.