Python | Django-allauth setup and Configuration

User registration is one of the most essential parts of a web application. django-registration-redux and django-alluth are the most famous registration apps available in Django. This tutorials series deals with setup, configuration, and customization of django-allauth and serve as a guide for new users who want to get started quickly with allauth and make useful customizations along the way without much pain.

This article covers setup and some basic configurations. Later, we will deal with social login, extending classes and efficient use of DefaultAccountAdapter to add custom process.

It can be overwhelming to a django novice or a new user of djnago-allauth itself. Although it is well documented, due to time and resource constraints of the developers involved, there has not been many articles and in-depth tutorials on the library. So this series tries to solve that problem and make a comprehensive series of guides to make django-allauth easy to use and work with for the django-community.

How to Setup?
You can download the files used in the tutorial to get a head start. The steps below guide you through the setup.

  • Create a Django project if you already don’t have one.
  • Install django-allauth using the command pip install django-allauth
  • Add 'allauth, allauth.account', allauth.socialaccount and all the necessary social logins to INSTALLED_APPS. You can view the entire list of supported API’s here. The Social login feature is described in detail in the next article. After you configure your installed apps should be similar as given below.
filter_none

edit
close

play_arrow

link
brightness_4
code

INSTALLED_APPS = [
    'django.contrib.admin',
    'allauth',
    'allauth.account',
    'allauth.socialaccount',
    'allauth.socialaccount.providers.google',
    'allauth.socialaccount.providers.facebook',
    'django.contrib.auth',
    'django.contrib.sites',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
]

chevron_right


  • Configure the template context processor settings in settings.py and also add URL pattern in the project urls.py
  • filter_none

    edit
    close

    play_arrow

    link
    brightness_4
    code

    TEMPLATES = [
      {
            'BACKEND': 'django.template.backends.django.DjangoTemplates',
            'DIRS': [
                os.path.normpath(os.path.join(BASE_DIR, 'templates')),
            ],
            'APP_DIRS': True,
            'OPTIONS': {
                'context_processors': [
                    'django.template.context_processors.debug',
                    'django.template.context_processors.request',
                    'django.contrib.auth.context_processors.auth',
                    'django.contrib.messages.context_processors.messages',
                    'django.template.context_processors.request',
                ],
            },
        },
    ]

    chevron_right

    
    

  • Add the following authentication backend.
  • filter_none

    edit
    close

    play_arrow

    link
    brightness_4
    code

    AUTHENTICATION_BACKENDS = (
        'django.contrib.auth.backends.ModelBackend',
        'allauth.account.auth_backends.AuthenticationBackend',
    )

    chevron_right

    
    

  • Copy the template files from the django-allauth repository or my custom repository(I have made some modifications and some good structuring) and paste it in the templates folder in your project directory.
  • Add the allauth urls in urls.py of your main project directory. After adding the allauth urls the below should look like,
  • filter_none

    edit
    close

    play_arrow

    link
    brightness_4
    code

    from django.contrib import admin
    from django.urls import path
    from django.conf.urls import url, include</code></pre>
    <pre><code>urlpatterns = [
        path('admin/', admin.site.urls),
        url(r'^accounts/', include('allauth.urls')),
    ]

    chevron_right

    
    

    • You can also add the custom CSS yourself or my CSS (Well commented and documented) that I have created during my use of the allauth templates. It includes styling for almost all the pages, and even mobile-friendly email templates for confirmation and password reset emails. You can do that by creating a static folder in the project directory and placing the CSS in account folder.
    • Run python manage.py makemigrations and python manage.py migrate to run all the necessary migrations and run python manage.py runserver to start the django server.
    • Follow the URL patterns to display the registration form.
      Eg: localhost:8000/accounts/login to display the login page.



    Configuration:
    Most django-allauth features are can be configured using the built-in adapters and variables by placing them in settings.py. file. Although the documentation has tons of such options with good explanations, highlighted some important ones below.

    • Email confirmation expiry: Sets the number of days within which an account should need to be activated. Eg:ACCOUNT_EMAIL_CONFIRMATION_EXPIRE_DAYS=7
    • Email required for activation: This option allows you to set whether the email address should be required to register. Set False to disable email requirement. Eg: ACCOUNT_EMAIL_REQUIRED = True
    • Account email verification: This option can be used to set whether an email verification is necessary for a user to login after he registers an account. You can use ‘mandatory’ to block a user from logging in until the email gets verified. You can set optional for sending the email but allowing the user to login without an email. You can also set none to not send any verification email. (Not Recommended) Eg: ACCOUNT_EMAIL_VERIFICATION = "mandatory"
    • Login Attempt Limit: This is an important feature which can be used to prevent brute force attacks on the user login module in allauth. The maximum number of login attempts can be set, and the user gets blocked from logging in until a timeout. This feature makes use of ACCOUNT_LOGIN_ATTEMPTS_TIMEOUT setting. Eg: ACCOUNT_LOGIN_ATTEMPTS_LIMIT = 5
    • Login Attempt Limit timeout: This setting needs to should is used with ACCOUNT_LOGIN_ATTEMPTS_LIMIT setting. The value set is in seconds from last unsuccessful login attempt. Please do not that this does not prevent admin login from being brute forced. Eg: ACCOUNT_LOGIN_ATTEMPTS_TIMEOUT = 86400 # 1 day in seconds
    • Login and Logout URL redirection: When user logs in or logs out, you might want to redirect the user to a particular URL or page and the below settings can be used to set those values. By default allauth redirects login to /accounts/profile/ URL and logout to the localhost:8000 or any localhost homepage.
      Eg : ACCOUNT_LOGOUT_REDIRECT_URL ='/accounts/login/'
      Eg : LOGIN_REDIRECT_URL = '/accounts/email/'

    Finally, your allauth settings should look similar to the below settings.

    filter_none

    edit
    close

    play_arrow

    link
    brightness_4
    code

    #django-allauth registraion settings
    ACCOUNT_EMAIL_CONFIRMATION_EXPIRE_DAYS =1
    ACCOUNT_EMAIL_REQUIRED = True
    ACCOUNT_EMAIL_VERIFICATION = "mandatory"
    ACCOUNT_LOGIN_ATTEMPTS_LIMIT = 5
      
    # 1 day
    ACCOUNT_LOGIN_ATTEMPTS_TIMEOUT = 86400 
      
    #or any other page
    ACCOUNT_LOGOUT_REDIRECT_URL ='/accounts/login/' 
      
    # redirects to profile page if not configured.
    LOGIN_REDIRECT_URL = '/accounts/email/'

    chevron_right

    
    

     
    References:
    django-allauth official documentation
    My custom templates and css



    My Personal Notes arrow_drop_up

    Check out this Author's contributed articles.

    If you like GeeksforGeeks and would like to contribute, you can also write an article using contribute.geeksforgeeks.org or mail your article to contribute@geeksforgeeks.org. See your article appearing on the GeeksforGeeks main page and help other Geeks.

    Please Improve this article if you find anything incorrect by clicking on the "Improve Article" button below.