in moderator/moderate/auth.py [0:0]
def get_or_create_user(self, access_token, id_token, payload):
"""Get or create a new user only if they have one of the groups
mentioned in the ALLOWED_LOGIN_GROUPS in the claims.
"""
user_info = self.get_userinfo(access_token, id_token, payload)
groups = user_info.get("https://sso.mozilla.com/claim/groups", [])
# The user is not staff or NDA member. Return None
if not any(x in groups for x in settings.ALLOWED_LOGIN_GROUPS):
return None
return super(ModeratorAuthBackend, self).get_or_create_user(
access_token, id_token, payload
)