I'm working on a Django project and i want to be able to disable or enable email registration verification in admin panel, with a radio button, if it's set to ON, when user registers to site need to verify email, but if it's set to OFF user account activate after registration and don't need to activate account with email verification
Hope you are having a good time.
I would like the purpose behind allowing email verification after registration because it's sole purpose is to validate authentic users and not allow unidentified login attempt to pass.
Because there have been so many hacking attempts just because of insecure security steps on login panel itself these days, I think it is better if we retain the email verification and not switch its permission.
Related
Im working with Python and Django.
I have a manual registration/login, and also I've installed with Allauth a Gmail registration/login.
When the user logins (with the manual login I created), it automatically executes a view which shows the differents things the user can do and information related to the user. The url is: http://127.0.0.1:8000/dashboard/9
screen capture here
In relation with Gmail, the user can register and login. But, when it logins, sees the url http://127.0.0.1:8000/accounts/google/login/callback/?(...), which confirms it is logged in.
screen capture here
I understand I should create a view in the social_app app, in order to connect the Gmail user with the information in the database. Any ideas? Thanks!
I think you want to go to your settings.py and set LOGIN_REDIRECT_URL = "/dashboard/9"
Check out the docs here, they are pretty complete: https://django-allauth.readthedocs.io/en/latest/configuration.html
I'm develop the site using Django and am using django social_auth API for social login authentication. Here in my website no need to display the change password option when am login using social account. So how to hide that option when am login with social account. OR If there is any possibility to know whether login using social account or website login. Kindly let me know if you have an idea to solve this issue. Thanking you.
A simple solution (when someone don't know the actual implementation) can be
Create a new table with user as foreign key and one more column with will work as flag for type of authentication.
The flag can be 1 for django user and 2 for social auth user
While creating the user in your system populate this table accordingly.
Hide the option of change the password on the basis of same table.
Check the session value social_auth_last_login_backend, if it's set it will have the last social backend used to login, if it's not set, then it means that the user logged in with non-social auth.
I'm using django-allauth plugin. It allows to configure the email verification through the ACCOUNT_EMAIL_VERIFICATION setting variable, but it doesn't differentiate between normal and social signup. I would like to verify the email only when registering via normal signup, and don't verify it when it is submitted via social signup. Is it possible? how can I do it?
it seems that the doc says
SOCIALACCOUNT_EMAIL_VERIFICATION (=ACCOUNT_EMAIL_VERIFICATION)
As ACCOUNT_EMAIL_VERIFICATION, but for social accounts.
if you set this one, django-allauth may do the difference when the user logs in
did you try it too ?
I have simple form for create new user in Django.
Also I want that request (from user) forward to the administrator's email, and just admin can enable that account. User has to wait respond from admin. If admin enable that account, user is going to be able to use account!
Create the user with is_active = False, Then you can easily filter those user on django admin panel.
Or you can use django signal such as post_save signal to send an email to administrator's email, email can be included with an activation link which is unique for activating the user.
You can create a separate model to keep inactivated user and for each record generate an random-hashed key. You can use that random-hashed key (token) in activation link that you sending to administrator's email.
There is already some application that let you to handle registration, for example django-registration. But your case it little bit tricky. Because you want to admin be able to activate those users. So I suggest you to look at django-registration source code. It's so clear and easy to understand. Just read the code and you will get the point.
I found the django-registration app, but it seems to complex for what I am trying to do. I want users to simply enter their e-mail (username) + a password and automatically be registered. No activations or confirmations. Hacker News style. Does anyone know what the simplest way to implement this would be? Is there something pre-existing out there that you know of (I couldn't find anything), should I somehow modify django-registration, or build this on my own?
Login/Authentication
To make Django authenticate using email/password instead of username/password, you will need to add to your settings.py:
AUTHENTICATION_BACKENDS = ('myproject.myauthenticationbackend')
This authentication backend needs to be able to authenticate a user based on email/password. A good email authentication backend can be found here: http://djangosnippets.org/snippets/74/
User Registration
Normally, your registration form will ask user for the email and password. However, Django's auth User model requires every user have a username. One way to handle adding a username is - upon saving of the registration modelForm, generate a random username (since we're not using it anyways).
You will need to check manually that the email the user has entered is already registered in your system.
I've also written a blog post about it a while back and has more complete notes on email authentication. It also includes a sample email/password registration form:
http://www.xairon.net/2011/05/django-email-only-authentication/
I don't know any app which is doing that but it seems quite simple. I don't think it is necessary to modify and use django-registration in this case.
Create a form that will ask for email and password and then create the corresponding user. The username may be generated from a slug of the email address.
Look at the following snippet for allowing to authenticate with an email address. http://djangosnippets.org/snippets/74/