Remove twitter Oauth (#408)

* Remove Twitter/X OAuth login integration

Fixes FPBASE-5NT

Twitter/X OAuth has been broken since late October 2025 due to X's
domain migration from twitter.com to x.com. The OAuth endpoint has
been returning error code 32 (Could not authenticate you) for
1,178+ attempts affecting 263 users over 2.5 months.

Since no users have contacted us about the issue and the 242
Twitter-only users can use password reset to regain access, removing
the broken integration is the cleanest solution.

Changes:
- Remove allauth.socialaccount.providers.twitter from INSTALLED_APPS
- Remove Twitter login button from login.html template
- Clean up Twitter-specific adapter logic
- Remove Twitter exclusion logic from provider_list.html template

* undo ignore change

* Add migration for year validator (2026 -> 2027)

Author: tlambert03

backend/config/settings/base.py

@@ -71,7 +71,6 @@
     "allauth.socialaccount",  # registration
     "allauth.socialaccount.providers.google",
     "allauth.socialaccount.providers.orcid",
-    "allauth.socialaccount.providers.twitter",
     "django_recaptcha",
     "django_filters",
     "reversion",

backend/fpbase/templates/account/login.html

@@ -26,8 +26,6 @@ <h1>{% trans "Sign In" %}</h1>
         <a href="{% provider_login_url 'google' %}" class="btn btn-google mt-2 w-100">{% icon "google" %} &nbsp; Log in with Google</a>
       {% elif provider.id == "orcid" %}
         <a href="{% provider_login_url 'orcid' %}" class="btn btn-orcid mt-2 w-100">{% icon "orcid" %} &nbsp; Log in with ORCID</a>
-      {% elif provider.id == "twitter" %}
-        <a href="{% provider_login_url 'twitter'%}" class="btn btn-twitter mt-2 w-100">{% icon "twitter" %} &nbsp; Log in with X</a>
       {% endif %}
     {% endfor %}
 

backend/fpbase/templates/socialaccount/snippets/provider_list.html

@@ -3,21 +3,16 @@
 {% if socialaccount_providers %}
     {% element provider_list %}
         {% for provider in socialaccount_providers %}
-            {# Exclude Twitter/X from the "connect" process (adding new accounts) #}
-            {% if process == "connect" and provider.id == "twitter" %}
-                {# Skip Twitter when connecting new accounts #}
-            {% else %}
-                {% if provider.id == "openid" %}
-                    {% for brand in provider.get_brands %}
-                        {% provider_login_url provider openid=brand.openid_url process=process as href %}
-                        {% element provider name=brand.name provider_id=provider.id href=href %}
-                        {% endelement %}
-                    {% endfor %}
-                {% endif %}
-                {% provider_login_url provider process=process scope=scope auth_params=auth_params as href %}
-                {% element provider name=provider.name provider_id=provider.id href=href %}
-                {% endelement %}
+            {% if provider.id == "openid" %}
+                {% for brand in provider.get_brands %}
+                    {% provider_login_url provider openid=brand.openid_url process=process as href %}
+                    {% element provider name=brand.name provider_id=provider.id href=href %}
+                    {% endelement %}
+                {% endfor %}
             {% endif %}
+            {% provider_login_url provider process=process scope=scope auth_params=auth_params as href %}
+            {% element provider name=provider.name provider_id=provider.id href=href %}
+            {% endelement %}
         {% endfor %}
     {% endelement %}
 {% endif %}

backend/fpbase/users/adapters.py

@@ -22,7 +22,4 @@ def clean_email(self, email):
 
 class SocialAccountAdapter(DefaultSocialAccountAdapter):
     def is_open_for_signup(self, request, sociallogin):
-        # Prevent new signups via Twitter/X (existing users can still log in)
-        if sociallogin.account.provider == "twitter":
-            return False
         return getattr(settings, "ACCOUNT_ALLOW_REGISTRATION", True)

backend/references/migrations/0009_alter_reference_year.py

@@ -0,0 +1,19 @@
+# Generated by Django 5.2.8 on 2026-01-11 23:58
+
+import django.core.validators
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('references', '0008_alter_reference_year'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='reference',
+            name='year',
+            field=models.PositiveIntegerField(help_text='YYYY', validators=[django.core.validators.MinLengthValidator(4), django.core.validators.MaxLengthValidator(4), django.core.validators.MinValueValidator(1960), django.core.validators.MaxValueValidator(2027)]),
+        ),
+    ]