OAuth example should not infer org affiliation from the email field.

[algal]

This example parses the user's email, returned from Google's authorization server, in order to determine if the user should have access:

fasthtml-example/oauth_example/oa.py

Line 9 in 6a985a7

if info.email_verified and email.split('@')[-1]=='answer.ai':

However, Google says not to do this, and to use the "hd claim" instead:

We should update the example to follow Google's advice.

An analogous change will also be needed in the fasthtml explainer notebook: https://github.com/AnswerDotAI/fasthtml/blob/main/nbs/explains/oauth.ipynb

It may appear elsewhere as well.

[warner-benjamin]

Link to the Google Identity documentation screenshot: https://developers.google.com/identity/openid-connect/openid-connect#re-consent