如何使用django-allauth禁用新帐号创建,但仍允许现有用户登录? [英] How could one disable new account creation with django-allauth, but still allow existing users to sign in?
问题描述
我们一直在运行一个网站,使用 django-allauth
进行验证,使用以下任何一种:
- 传统的基于电子邮件的注册
- Google登录
- Twitter登录
- Facebook登录
...但现在我们想阻止任何人创建一个新帐户,同时仍然允许以前使用任何这些方法创建帐户的人能够登录。有没有一个设置会让我们这样做吗?我不清楚这些记录的设置中是否允许我们目前与django-allauth相关的设置是:
INSTALLED_APPS =(
'django.contrib.auth',
...
'allauth',
'allauth.account',
'allauth.socialaccount ',
'allauth.socialaccount.providers.google',
'allauth.socialaccount.providers.facebook',
'allauth.socialaccount.providers.twitter',
..
AUTHENTICATION_BACKENDS =(
#需要在Django管理员中以用户名登录,无论allauth
django.contrib.auth.backends.ModelBackend ,
#`allauth`具体的身份验证方法,如通过电子邮件登录
allauth.account.auth_backends.AuthenticationBackend,
)
SOCIALACCOUNT_PROVIDERS = {
'google':{'SCOPE':['https://www.googleapis.com/auth/userinfo.profile'],
'AUTH_PARAMS':{'access_type':'online'} },
'facebook':{'SCOPE':['email',]},
}
LOGIN_REDIRECT_URL ='/'
ACCOUNT_EMAIL_VERIFICATION =mandatory
ACCOUNT_EMAIL_REQUIRED = True
ACCOUNT_USERNAME_REQUIRED = True
SOCIALACCOUNT_AUTO_SIGNUP = True
问题rnevius链接到为我修复这个。为了增加一些细节,我创建了一个文件 mysite / account_adapter.py
,其中包含:
code> from allauth.account.adapter import DefaultAccountAdapter
class NoNewUsersAccountAdapter(DefaultAccountAdapter):
def is_open_for_signup(self,request):
检查网站是否开放注册
除了简单地返回True / False之外,您还可以通过提高ImmediateHttpResponse
$来介入
常规流
return False
然后将其添加到 mysite / settings.py
:
ACCOUNT_ADAPTER ='mysite.account_adapter.NoNewUsersAccountAdapter'
We've been running a site for a while which uses django-allauth
for authentication using any of:
- Traditional email-based sign-up
- Google login
- Twitter login
- Facebook login
... but now we want to stop anyone creating a new account, while still allowing people who've previously created an account using any of those methods to be able to log in. Is there a setting that will let us do this? It's not clear to me that any of these documented settings would allow us to configure that.
The current settings relating to django-allauth are:
INSTALLED_APPS = (
'django.contrib.auth',
...
'allauth',
'allauth.account',
'allauth.socialaccount',
'allauth.socialaccount.providers.google',
'allauth.socialaccount.providers.facebook',
'allauth.socialaccount.providers.twitter',
...
)
AUTHENTICATION_BACKENDS = (
# Needed to login by username in Django admin, regardless of `allauth`
"django.contrib.auth.backends.ModelBackend",
# `allauth` specific authentication methods, such as login by e-mail
"allauth.account.auth_backends.AuthenticationBackend",
)
SOCIALACCOUNT_PROVIDERS = {
'google': {'SCOPE': ['https://www.googleapis.com/auth/userinfo.profile'],
'AUTH_PARAMS': {'access_type': 'online'}},
'facebook': {'SCOPE': ['email',]},
}
LOGIN_REDIRECT_URL = '/'
ACCOUNT_EMAIL_VERIFICATION = "mandatory"
ACCOUNT_EMAIL_REQUIRED = True
ACCOUNT_USERNAME_REQUIRED = True
SOCIALACCOUNT_AUTO_SIGNUP = True
The question rnevius linked to fixed this for me. To add a bit more detail, I created a file mysite/account_adapter.py
containing:
from allauth.account.adapter import DefaultAccountAdapter
class NoNewUsersAccountAdapter(DefaultAccountAdapter):
def is_open_for_signup(self, request):
"""
Checks whether or not the site is open for signups.
Next to simply returning True/False you can also intervene the
regular flow by raising an ImmediateHttpResponse
(Comment reproduced from the overridden method.)
"""
return False
And then added this to mysite/settings.py
:
ACCOUNT_ADAPTER = 'mysite.account_adapter.NoNewUsersAccountAdapter'
这篇关于如何使用django-allauth禁用新帐号创建,但仍允许现有用户登录?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!