Add SSO support for Wagtail admin
stevejalim opened this issue · comments
Steve Jalim commented
Description
Before we get anywhere near production use, we need to ensure that the Django and Wagtail Admins can only be accessed via SSO.
We've done this already for Birdbox and Basket, and should take the same approach here, using mozilla-django-oidc
Success Criteria
- In a deployed site, SSO should be the ONLY way to log in
- covers Wagtail admin
- covers Django admin
- covers Django-RQ admin page
- In local builds, username + password should be allowed
- The script that generates a sqlite DB export (for local use) must not include any OIDC info at all