A note on Email confirmation.
Part 2 is about Email Confirmation. Check out the whole series Django-allauth.
Table of Contents:
Interlude
If you are following my Part 1 tutorial on django-allauth and you’ve already tested connection to Facebook, and if you want to test Email Confirmation, you may want to go to /admin/socialaccount/socialaccount/ and remove existing connection and do the whole cycle again.
Settings for django-allauth
Additional configuration in settings.py file.
ACCOUNT_LOGOUT_REDIRECT_URL = '/accounts/login/'
LOGIN_REDIRECT_URL = '/accounts/email/'
AUTH_USER_MODEL = 'generalapp.CustomUser'
ACCOUNT_AUTHENTICATED_LOGIN_REDIRECTS = False # a personal preference. True by default. I don't want users to be interrupted by logging in
ACCOUNT_AUTHENTICATION_METHOD = 'email' # a personal preference. I don't want to add 'i don't remember my username' like they did at Nintendo, it is stupid
ACCOUNT_EMAIL_CONFIRMATION_ANONYMOUS_REDIRECT_URL = 'gen:email_success' # a page to identify that email is confirmed when not logged in
ACCOUNT_EMAIL_CONFIRMATION_AUTHENTICATED_REDIRECT_URL = 'gen:email_success' # same but logged in
ACCOUNT_EMAIL_CONFIRMATION_EXPIRE_DAYS = 7 # a personal preference. 3 by default
ACCOUNT_EMAIL_REQUIRED = True # no questions here
ACCOUNT_EMAIL_VERIFICATION = 'mandatory' # as the email will be used for login
ACCOUNT_LOGIN_ON_PASSWORD_RESET = True # False by default
ACCOUNT_LOGOUT_ON_PASSWORD_CHANGE = True # True by default
# ACCOUNT_LOGOUT_REDIRECT_URL = '/accounts/login'
ACCOUNT_USERNAME_BLACKLIST = ['yomama',]
ACCOUNT_USERNAME_MIN_LENGTH = 4 # a personal preference
ACCOUNT_SESSION_REMEMBER = True # None by default (to ask 'Remember me?'). I want the user to be always logged inSetting a Gmail account
You will need an email account to send emails from, obviously. An easy way is setting up Gmail. Here is a Google approved tutorial on that. Generally, steps are:
- Go to https://mail.google.com/mail/#settings/general
- Go to tab Forwarding POP/IMAP
- Enable IMAP Access
- Save changes.
Go to settings.py and add your account information.
EMAIL_HOST = 'smtp.gmail.com'
EMAIL_PORT = 587
EMAIL_HOST_USER = 'myaccount@gmail.com'
EMAIL_HOST_PASSWORD = 'Password1234'
EMAIL_USE_TLS = True
DEFAULT_FROM_EMAIL = EMAIL_HOST_USER
EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend' # !!!! very important for django-allauth specificallyNow, it’s not secure at all, you can hide it any way you normally do it.
Then in order to prepare your Gmail account for these highly invasive actions:
- https://accounts.google.com/DisplayUnlockCaptcha and set it free~
- https://myaccount.google.com/u/0/lesssecureapps and enable suspicious websites. Attention! In this link
0stands for the order number of the gmail account (starts with 0; you see/u/0/= user #0). In the right top corner check if it is the right account you are working with. - You also have to go to your Gmail and find a notification email from Google about security of your account from no-reply@accounts.google.com. Then go and confirm that it was you who did that.
Trying it out
Then let’s signup again. Go to http://localhost:8000/accounts/login/ and press Facebook. If everything’s fine, you will get am email:
Then you will be redirected to Login page, if you didn’t set up an Email_Success one. You can do it like this.
Success page
views.py
def email_success(request):
res = 'Email is verified!'
return HttpResponse('<p>%s</p>' % res)
urls.py
urlpatterns = [
path('email_success/', user_views.email_success,
name='email_success')
]settings.py
ACCOUNT_EMAIL_CONFIRMATION_ANONYMOUS_REDIRECT_URL = 'yourapp:email_success' # if you are not logged in
ACCOUNT_EMAIL_CONFIRMATION_AUTHENTICATED_REDIRECT_URL = 'yourapp:email_success' # if you are logged in
UNIQUE_EMAIL = True # just to be sure, okI recommend adding UNIQUE_EMAIL too. Just to spare yourself a headache later.
Check it
In order to see if the email is confirmed, you need to look into allauth.account.models.EmailAddress field verified. Go to /admin/account/emailaddress/ and see for yourself if it worked.
It did!! Congrats, y’all.
Errors
SMTPAuthenticationError at /accounts/facebook/login/callback/
My suggestions
- YOU PASSWORD IS WRONG ok? You check that first (caps is out of my own disappointment in myself, nothing personal, pal).
- This error may occur at
localhost:8000or127.0.0.1:8000, but if it happens online, you need to set https. - If that doesn’t help either, check if both settings files contain these settings – your development one and production (live) one.
- Something is wrong with settings.
If you get other errors, go to my original post and find a solution. Or let me know in the comments – I’ll be happy to be of help 😉
Django Investigations 