The default backend¶
A default registration backend is bundled with
django-registration, as the class
registration.backends.default.DefaultBackend, and implements a
simple two-step workflow in which a new user first registers, then
confirms and activates the new account by following a link sent to the
email address supplied during registration.
Default behavior and configuration¶
This backend makes use of the following settings:
- This is the number of days users will have to activate their accounts after registering. Failing to activate during that period will leave the account inactive (and possibly subject to deletion). This setting is required, and must be an integer.
- A boolean (either
False) indicating whether registration of new accounts is currently permitted. This setting is optional, and a default of
Truewill be assumed if it is not supplied.
Upon successful registration – not activation – the default redirect
is to the URL pattern named
registration_complete; this can be
overridden by passing the keyword argument
success_url to the
Upon successful activation, the default redirect is to the URL pattern
registration_activation_complete; this can be overridden by
passing the keyword argument
success_url to the
How account data is stored for activation¶
During registration, a new instance of
django.contrib.auth.models.User is created to represent the new
account, with the
is_active field set to
False. An email is
then sent to the email address of the account, containing a link the
user must click to activate the account; at that point the
is_active field is set to
True, and the user may log in
Activation is handled by generating and storing an activation key in the database, using the following model:
A simple representation of the information needed to activate a new user account. This is not a user profile; it simply provides a place to temporarily store the activation key and determine whether a given account has been activated.
Has the following fields:
django.contrib.auth.models.User, representing the user account for which activation information is being stored.
CharField, storing the activation key for the account. Initially, the activation key is the hexdigest of a SHA1 hash; after activation, this is reset to
Additionally, one class attribute exists:
A constant string used as the value of
activation_keyfor accounts which have been activated.
And the following methods:
Determines whether this account’s activation key has expired, and returns a boolean (
Falseotherwise). Uses the following algorithm:
ACTIVATED, the account has already been activated and so the key is considered to have expired.
- Otherwise, the date of registration (obtained from the
user) is compared to the current date; if the span between them is greater than the value of the setting
ACCOUNT_ACTIVATION_DAYS, the key is considered to have expired.
Return type: bool
Sends an activation email to the address of the account.
The activation email will make use of two templates:
registration/activation_email.txt, which are used for the subject of the email and the body of the email, respectively. Each will receive the following context:
- The value of
- The number of days the user has to activate, taken from the
- An object representing the site on which the account was
registered; depending on whether
django.contrib.sitesis installed, this may be an instance of either
django.contrib.sites.models.Site(if the sites application is installed) or
django.contrib.sites.models.RequestSite(if not). Consult the documentation for the Django sites framework for details regarding these objects’ interfaces.
Because email subjects must be a single line of text, the rendered output of
registration/activation_email_subject.txtwill be forcibly condensed to a single line.
Parameters: site (
django.contrib.sites.models.RequestSite) – An object representing the site on which account was registered.
RegistrationProfile has a custom manager
This manager provides several convenience methods for creating and working with instances of
activation_keyand, if valid, activates the associated account by setting its
True. To prevent re-activation of accounts, the
RegistrationProfilefor the account will be set to
RegistrationProfile.ACTIVATEDafter successful activation.
Userinstance representing the account if activation is successful,
Parameters: activation_key (string, a 40-character SHA1 hexdigest) – The activation key to use for the activation. Return type:
Removes expired instances of
RegistrationProfile, and their associated user accounts, from the database. This is useful as a periodic maintenance task to clean out accounts which registered but never activated.
Accounts to be deleted are identified by searching for instances of
RegistrationProfilewith expired activation keys and with associated user accounts which are inactive (have their
is_activefield set to
False). To disable a user account without having it deleted, simply delete its associated
Userwhich does not have an associated
RegistrationProfilewill not be deleted.
A custom management command is provided which will execute this method, suitable for use in cron jobs or other scheduled maintenance tasks:
create_inactive_user(username, email, password, site[, send_email])¶
Creates a new, inactive user account and an associated instance of
RegistrationProfile, sends the activation email and returns the new
Userobject representing the account.
- username (string) – The username to use for the new account.
- email (string) – The email address to use for the new account.
- password (string) – The password to use for the new account.
- site (
django.contrib.sites.models.RequestSite) – An object representing the site on which the account is being registered.
- send_email (bool) – If
True, the activation email will be sent to the account (by calling
False, no email will be sent (but the account will still be inactive)
Creates and returns a
RegistrationProfileinstance for the account represented by
RegistrationProfilecreated by this method will have its
activation_keyset to a SHA1 hash generated from a combination of the account’s username and a random salt.
Parameters: user (
User) – The user account; an instance of