Accounts for Django made beautifully simple

Overview

Django Userena

Build Status Coverage Status

Userena is a Django application that supplies your Django project with full account management. It's a fully customizable application that takes care of the signup, activation, messaging and more. It's BSD licensed, which means you can use it commercially for free!

Documentation

Complete documentation about the installation, settings and F.A.Q. is available on Read the Docs.

For list of updates and changes see UPDATES.md file.

Comments
  • Signin after signup

    Signin after signup

    Adds a USERENA_SIGNIN_AFTER_SIGNUP setting, which automatically signs a newly registered user in if True and if USERENA_ACTIVATION_REQUIRED is False.

    Adds documentation in settings.rst.

    If you like the feature but I am missing something, let me know and I'll complete.

    Thanks for Userena!

    opened by kvnn 15
  • HTTP 405 response when user tries to signup, but the form contains errors.

    HTTP 405 response when user tries to signup, but the form contains errors.

    The problem is in ExtraContextTemplateView - it only implements the get method (in TemplateView), but the signup view is defined as:

    def signup(...):
        if request.method == 'POST':
            if form.is_valid():
                . . .
                return redirect(...)
    
        return ExtraContextTemplateView.as_view(...)
    

    Since I think this might happen on other places in userena.views, I added a post() method to ExtraContextTemplateView by copying the get method.

    opened by boris-chervenkov 7
  • Django 1.9 compatibility fixes

    Django 1.9 compatibility fixes

    Some commits that makes django-userena work with Django 1.9.

    Django 1.4 compatibility had to be dropped ({% load url from future %} was removed from Django 1.9).

    So far, the changes seem to work fine, but some more testing is certainly needed before making a release.

    improvement 
    opened by smlz 6
  • django 1.6 password reset compatibility fixes

    django 1.6 password reset compatibility fixes

    This pull request fixes password reset on django>=1.6.0.

    It adds password reset wies tests and creates new submodule named userena.compat. This is proposition to handle in future any compatibility issues.

    Note that this pull request depend on #386. Merge #386 before merging this one or simply forgot about #386. Sorry for that inconvienience but I was in hurry and wanted to contribute my code ASAP because I need that fixes in my production application. I simply simply don't want to watch if earlier PR was accepted and merged, because I could forget to create new one.

    Finally I couldn't be sure that my fixes doesn't break anything without merging #386.

    This pull request fixes/closes issues #381, #384, #372, #371 without duplicating urls in userena.urls or changing url names.

    opened by swistakm 6
  • Invitation flow

    Invitation flow

    This patch is not ready to be merged, but I wanted to put it out there to see if there is interest in offering an invitation flow in django-userena.

    The patch allows existing users to invite a new user by entering their email address and optionally other user info like their first name. If no user with that email address exists a user is created so that it can be used for some basic interaction.

    At the same time an activation email is sent out to the email address. It contains a link that allows the user to activate their account by entering a password. At this point no further email address validation is needed and the user is immediately signed in.

    Cheers, Felix

    opened by fberger 5
  • Remove 'username' param from URLs with keys

    Remove 'username' param from URLs with keys

    It seems like something of a lapse in the security/anonymity provided by using SHA1 keys for user activation and email confirmation changes to have the "username" directly in the URL, and really there's no reason to have it since the lookup can be done on the key anyway.

    opened by ghinch 5
  • Moderated Registration Feature - Issue #81

    Moderated Registration Feature - Issue #81

    I've implemented a moderated registration feature. By default all functionality is the same, however there is now the capability to set the following in your settings.py:

    USERENA_MODERATED_REGISTRATION = True
    USERENA_ACTIVATION_REJECTED = 'ACTIVATION_REJECTED'
    USERENA_PENDING_MODERATION = 'PENDING_MODERATION'
    

    With moderated registration enabled, the following happens:

    • User registers
    • Receives activation email, and clicks activation link
    • Gets msg that they are activated, but pending administrators approval
    • The admin logs into the django admin, clicks 'Users', selects user, performs the 'Approve user registration' or 'Reject user registration' action from the drop down.
    • An approval or rejection email is sent accordingly

    This is an extremely important feature for us during pilot periods where we want something online publicly but only want specific people able to fully register and login. I did my best to follow Userena's coding style/layout/etc. If there is anything you are questionable about please let me know... however I feel it is a very sane and simple solution.

    Thanks!

    opened by derks 5
  • fix issue #455

    fix issue #455

    in python 3 all model must be have the str method because unicode doesn't exist

    https://docs.djangoproject.com/en/1.7/topics/python3/#str-and-unicode-methods

    opened by leonardoo 4
  • BUGFIX: Signin form initialization.

    BUGFIX: Signin form initialization.

    It's hard to realized this issue when using Django default templating system as it's too nice to tell the error. However, if you use Jinja2 you will get error in signin form.

    I believe it was a typo as other forms in views are okay.

    Credit goes to Fuhong Liu for locating this bug. Initially we had a fix in template but later Fuhong Liu found that it should have been fixed in the views.

    opened by fengsi 4
  • User activation

    User activation

    Why User's activation is so impositive? There should have others options, like allowing users to login even if they don't confirm their emails.

    This commit adds 'USERENA_ACTIVATION', and when it is False, users signup as active.

    opened by zvictor 4
  • Identify stealing for superusers

    Identify stealing for superusers

    Hi userena team,

    Here's a patch for the auth backend that allows a superuser to steal the identity of another user. This is very useful when a user reports an error on her/his account and you want to test it.

    Cheers,

    Guillaume

    opened by glibersat 4
  • Update FAQ to Work with Current Version of Django

    Update FAQ to Work with Current Version of Django

    Updated the "Hackery" to move the new fields to the front of the OrderedDict with move_to_end('key', last=False).

    Updated user_profile = new_user.get_profile() to user_profile = new_user.my_profile. get_profile() has been deprecated.

    opened by WisChrendel 3
  • don't allow signin view redirect to different host

    don't allow signin view redirect to different host

    Current signin view accept next parameter for redirect after login successfully but it don't safe check url. It could be exploited to redirect to different page other than current host

    opened by meomap 3
  • Signin view should have argument for inactive url redirect

    Signin view should have argument for inactive url redirect

    After login successfully, there's no way to specify redirect url if account is disabled. It's hardcoded with url resolved from name userena_disabled and arguments username.

    What if application doesn't want to include username in url and just return a static template. All the usage of redirect in views have option for that except this usecase

    opened by meomap 1
  • Support custom user model with USERNAME_FIELD !=

    Support custom user model with USERNAME_FIELD != "username"

    I'm using a custom auth model with USERNAME_FIELD = "email".

    The changes here are enough, along with

    USERENA_REGISTER_PROFILE = False
    USERENA_REGISTER_USER = False
    

    to get django-userena up and running with my project. However, I haven't done any thorough testing yet.

    improvement 
    opened by dpretty 4
Releases(v2.0.1)
  • v2.0.1(Mar 23, 2016)

    Fixes and improvements:

    • Fixed missing README.md that caused installation failure (#517).
    • Use universal wheels when distributing the package.
    Source code(tar.gz)
    Source code(zip)
  • v2.0.0(Mar 22, 2016)

    Backwards incompatible changes:

    • Drop support for Django 1.4
    • Add support for Django 1.9
    • Added new Django 1.9 migration for userena and userena.contrib.umessages. Old South migrations are still available in userena.south_migrations and userena.contrib.umessages.south_migrations but are deprecated and may be removed in future major releases. South>1.0 is required for older versions of Django.
    • django-guardian requirement bumped to <=1.4.1 as newer version (1.4.2) fails on tests.
    • removed all {% load url from future %} from userena templates for compatibility with Django 1.9
    • sha_constructor(), smart_text(), and md5_constructor removed from userena.compat
    • Use simple list literal as url patterns instead of django.conf.urls.patterns() function

    Deprecated features:

    • userena.utils.get_user_model is deprecated and will be removed in version 3.0.0. Use django.contrib.auth.get_user_model

    Fixes and improvements:

    • More nodes added to the travis test matrix.
    • Some documentation moved to .md files.
    • Deprecated unittest aliases replaced in tests.
    • Updated list of trove classifiers.
    • Added option to execute runtests script with pattern parameter to limit number of tests.
    • Added {posargs} to test command execution in tox.ini to improve developer experience during tests.
    • Minor documentation improvements.
    • Set django-guardian<1.4.0 version for Django 1.5 and 1.6 tests.
    Source code(tar.gz)
    Source code(zip)
  • v1.5.1(Mar 22, 2016)

  • v1.5.0(Mar 22, 2016)

    Fixes and improvements:

    • Updated Norwegian translations and fixed issue with unicode characters sent to utils.generate_sha1 (#472)
    • Fix upload_to_mugshot if model uses primary key diffrent than id (#475)
    • Minor compatibility improvements (#485)
    • Refactored mailer (#486)
    • Password reset email now inlcudes email template for django>=1.7 (#493)
    • Fixes to translations (#499)
    • Added Romanian translations (#500)

    Backwards incompatible changes:

    • django-guardian has version fixed to <=1.3.1 due to django 1.4 compatibility
    Source code(tar.gz)
    Source code(zip)
  • v1.4.1(May 22, 2015)

    • hack in usermail removed since recent dependencies does not require it (#462)
    • minor improvements in documentation (#461)
    • fixed bug that caused usernames to be altered (#456)
    • fixed support for python3.2/python3.4 (#455, #453)
    Source code(tar.gz)
    Source code(zip)
  • v1.4.0(Mar 22, 2016)

  • v1.3.2(Mar 22, 2016)

  • v1.3.1(Mar 22, 2016)

    Backwards incompatible changes:

    • When USERENA_ACTIVATION_REQUIRED = False, creating new user does not automatically create userena profile (bug).
    Source code(tar.gz)
    Source code(zip)
  • v1.2.2(Mar 22, 2016)

    Backwards incompatible changes:

    • Changed backwards relationships names for Umessages contrib application from to_user to um_to_user and from_user to um_from_user.
    Source code(tar.gz)
    Source code(zip)
  • v1.2.0(Mar 22, 2016)

    Backwards incompatible changes:

    • This version updates Userena to be able to use the new User model found in Django 1.5. This does require the django-guardion > 1.5-dev. To make this work, there is a get_user_model function in userena/utils.py which is used to get the correct User model.
    Source code(tar.gz)
    Source code(zip)
  • v1.1.2(Mar 22, 2016)

    Backwards incompatible changes:

    • Activation view no longer contains username. If you override userena/templates/userena/emails/activation_email_message.txt and userena/templates/userena/emails/confirmation_email_message_new.txt be sure to remove username from the URL.
    Source code(tar.gz)
    Source code(zip)
  • v1.1(Mar 22, 2016)

  • v1.0.1(Mar 22, 2016)

    Backwards incompatible changes:

    • Removed the user relationship outside UserenaBaseProfile model. This allows the user to define it's own relationship and fixes a conflict while running manage.py test. To migrate, place the user field inside your profile model, instead of inheriting it from the abstract class.
    Source code(tar.gz)
    Source code(zip)
Multi-user accounts for Django projects

django-organizations Summary Groups and multi-user account management Author Ben Lopatin (http://benlopatin.com) Status Separate individual user ident

Ben Lopatin 1.1k Jan 2, 2023
Django CAS 1.0/2.0/3.0 client authentication library, support Django 2.0, 2.1, 2.2, 3.0 and Python 3.5+

django-cas-ng django-cas-ng is Django CAS (Central Authentication Service) 1.0/2.0/3.0 client library to support SSO (Single Sign On) and Single Logou

django-cas-ng 347 Dec 18, 2022
Django-registration (redux) provides user registration functionality for Django websites.

Description: Django-registration provides user registration functionality for Django websites. maintainers: Macropin, DiCato, and joshblum contributor

Andrew Cutler 920 Jan 8, 2023
Complete Two-Factor Authentication for Django providing the easiest integration into most Django projects.

Django Two-Factor Authentication Complete Two-Factor Authentication for Django. Built on top of the one-time password framework django-otp and Django'

Bouke Haarsma 1.3k Jan 4, 2023
Django Admin Two-Factor Authentication, allows you to login django admin with google authenticator.

Django Admin Two-Factor Authentication Django Admin Two-Factor Authentication, allows you to login django admin with google authenticator. Why Django

Iman Karimi 9 Dec 7, 2022
Django-react-firebase-auth - A web app showcasing OAuth2.0 + OpenID Connect using Firebase, Django-Rest-Framework and React

Demo app to show Django Rest Framework working with Firebase for authentication

Teshank Raut 6 Oct 13, 2022
Social auth made simple

Python Social Auth Python Social Auth is an easy-to-setup social authentication/registration mechanism with support for several frameworks and auth pr

Matías Aguirre 2.8k Dec 24, 2022
Simple two factor authemtication system, made by me.

Simple two factor authemtication system, made by me. Honestly, i don't even know How 2FAs work I just used my knowledge and did whatever i could. Send

Refined 5 Jan 4, 2022
Social auth made simple

Python Social Auth Python Social Auth is an easy-to-setup social authentication/registration mechanism with support for several frameworks and auth pr

Matías Aguirre 2.8k Dec 24, 2022
A simple Boilerplate to Setup Authentication using Django-allauth 🚀

A simple Boilerplate to Setup Authentication using Django-allauth, with a custom template for login and registration using django-crispy-forms.

Yasser Tahiri 13 May 13, 2022
This python package provides a simple password reset strategy for django rest framework

Django Rest Password Reset This python package provides a simple password reset strategy for django rest framework, where users can request password r

Anexia 363 Dec 24, 2022
Django Auth Protection This package logout users from the system by changing the password in Simple JWT REST API.

Django Auth Protection Django Auth Protection This package logout users from the system by changing the password in REST API. Why Django Auth Protecti

Iman Karimi 5 Oct 26, 2022
Login-python - Login system made in Python, using native libraries

login-python Sistema de login feito 100% em Python, utilizando bibliotecas nativ

Nicholas Gabriel De Matos Leal 2 Jan 28, 2022
Integrated set of Django applications addressing authentication, registration, account management as well as 3rd party (social) account authentication.

Welcome to django-allauth! Integrated set of Django applications addressing authentication, registration, account management as well as 3rd party (soc

Raymond Penners 7.7k Jan 1, 2023
Per object permissions for Django

django-guardian django-guardian is an implementation of per object permissions [1] on top of Django's authorization backend Documentation Online docum

null 3.3k Jan 1, 2023
A JSON Web Token authentication plugin for the Django REST Framework.

Simple JWT Abstract Simple JWT is a JSON Web Token authentication plugin for the Django REST Framework. For full documentation, visit django-rest-fram

Simple JWT 3.3k Jan 1, 2023
REST implementation of Django authentication system.

djoser REST implementation of Django authentication system. djoser library provides a set of Django Rest Framework views to handle basic actions such

Sunscrapers 2.2k Jan 1, 2023
Authentication Module for django rest auth

django-rest-knox Authentication Module for django rest auth Knox provides easy to use authentication for Django REST Framework The aim is to allow for

James McMahon 878 Jan 4, 2023
Authentication for Django Rest Framework

Dj-Rest-Auth Drop-in API endpoints for handling authentication securely in Django Rest Framework. Works especially well with SPAs (e.g React, Vue, Ang

Michael 1.1k Jan 3, 2023