django-registration 0.8 documentation¶

Installing django-registration¶

There are several ways to install django-registration:

• Automatically, via a package manager.
• Manually, by downloading a copy of the release package and installing it yourself.
• Manually, by performing a Mercurial checkout of the latest code.

It is also highly recommended that you learn to use virtualenv for development and deployment of Python software; virtualenv provides isolated Python environments into which collections of software (e.g., a copy of Django, and the necessary settings and applications for deploying a site) can be installed, without conflicting with other installed software. This makes installation, testing, management and deployment far simpler than traditional site-wide installation of Python packages.

easy_install -Z django-registration

pip install django-registration

python setup.py install

hg clone http://bitbucket.org/ubernostrum/django-registration/

hg clone -r v0.8 http://bitbucket.org/ubernostrum/django-registration/

Basic configuration and use¶

Once installed, you can add django-registration to any Django-based project you’re developing. The default setup will enable user registration with the following workflow:

1. A user signs up for an account by supplying a username, email address and password.
2. From this information, a new User object is created, with its is_active field set to False. Additionally, an activation key is generated and stored, and an email is sent to the user containing a link to click to activate the account.
3. Upon clicking the activation link, the new account is made active (the is_active field is set to True); after this, the user can log in.

Note that the default workflow requires django.contrib.auth to be installed, and it is recommended that django.contrib.sites be installed as well. You will also need to have a working mail server (for sending activation emails), and provide Django with the necessary settings to make use of this mail server (consult Django’s email-sending documentation for details).

INSTALLED_APPS = (
    'django.contrib.auth',
    'django.contrib.sites',
    'registration',
    # ...other installed applications...
)

ACCOUNT_ACTIVATION_DAYS = 7 # One-week activation window; you may, of course, use a different value.

(r'^accounts/', include('registration.backends.default.urls')),

The backend system¶

The largest overall change consists of factoring out the logic of user registration into pluggable/swappable backend classes. The registration views now accept a (required) argument, backend, which indicates the backend class to use, and that class has full control over the registration (and, if needed, activation) process, including:

• Determining whether registration will be allowed at all, on a per-request basis.
• Specifying a form class to use for account registration.
• Implementing the actual process of account creation.
• Determining whether a separate activation step is needed, and if so what it will entail.
• Specifying actions to take (e.g., redirects, automatic login, etc.) following successful registration or activation.

For full details, see the documentation for the backend API.

The workflow used by previous releases of django-registration (two-step registration/activation) has been implemented using this system, and is shipped as the default backend in django-registration 0.8.

Other new features¶

An alternate one-step registration system is provided, for use by sites which do not require a two-step registration/activation system.

During the registration and (optional) activation process, custom signals are now sent, allowing easy injection of custom processing into the registration workflow without needing to write a full backend.

The default backend now supplies several custom admin actions to make the process of administering a site with django-registration simpler.

The activate() view now supplies any captured keyword arguments from the URL (in the case of the default backend, this is the activation key) to its template in case of unsuccessful activation; this greatly simplifies the process of determining why activation failed and displaying appropriate error messages.

Django version requirement¶

As of 0.8, django-registration requires Django 1.3 or newer; older Django releases may work, but are officially unsupported.

Backwards-incompatible changes¶

If you’re upgrading from an older release of django-registration, and if you were using the default setup (i.e., the included default URLconf and no custom URL patterns or custom arguments to views), most things will continue to work as normal (although you will need to create one new template; see the section on views below). However, the old default URLconf has been deprecated and will be removed in version 1.0 of django-registration, so it is recommended that you begin migrating now. To do so, change any use of registration.urls to registration.backends.default.urls. For example, if you had the following in your root URLconf:

(r'^accounts/', include('registration.urls')),

you should change it to:

(r'^accounts/', include('registration.backends.default.urls')),

The older include will continue to work until django-registration 1.0; in 0.8 it raises a PendingDeprecationWarning (which is ignored by default in Python), in 0.9 it will raise DeprecationWarning (which will begin printing warning messages on import) and in 1.0 it will be removed entirely.

Specifying the backend to use¶

To determine which backend to use, the views in django-registration accept a keyword argument backend; in all cases, this should be a string containing the full dotted Python import path to the backend class to be used. So, for example, to use the default backend, you’d pass the string 'registration.backends.default.DefaultBackend' as the value of the backend argument (and the default URLconf included with that backend does so). The specified backend class will then be imported and instantiated (by calling its constructor with no arguments), and the resulting instance will be used for all backend-specific functionality.

If the specified backend class cannot be imported, django-registration will raise django.core.exceptions.ImproperlyConfigured.

Backend API¶

To be used as a registration backend, a class must implement the following methods. For many cases, subclassing the default backend and selectively overriding behavior will be suitable, but for other situations (e.g., workflows significantly different from the default) a full implementation is needed.

Default behavior and configuration¶

This backend makes use of the following settings:

ACCOUNT_ACTIVATION_DAYS

This is the number of days users will have to activate their accounts after registering. Failing to activate during that period will leave the account inactive (and possibly subject to deletion). This setting is required, and must be an integer.

REGISTRATION_OPEN

A boolean (either True or False) indicating whether registration of new accounts is currently permitted. This setting is optional, and a default of True will be assumed if it is not supplied.

By default, this backend uses registration.forms.RegistrationForm as its form class for user registration; this can be overridden by passing the keyword argument form_class to the register() view.

Upon successful registration – not activation – the default redirect is to the URL pattern named registration_complete; this can be overridden by passing the keyword argument success_url to the register() view.

Upon successful activation, the default redirect is to the URL pattern named registration_activation_complete; this can be overridden by passing the keyword argument success_url to the activate() view.

How account data is stored for activation¶

During registration, a new instance of django.contrib.auth.models.User is created to represent the new account, with the is_active field set to False. An email is then sent to the email address of the account, containing a link the user must click to activate the account; at that point the is_active field is set to True, and the user may log in normally.

Activation is handled by generating and storing an activation key in the database, using the following model:

class registration.models.RegistrationProfile¶

A simple representation of the information needed to activate a new user account. This is not a user profile; it simply provides a place to temporarily store the activation key and determine whether a given account has been activated.

Has the following fields:

user¶

A ForeignKey to django.contrib.auth.models.User, representing the user account for which activation information is being stored.

activation_key¶

A 40-character CharField, storing the activation key for the account. Initially, the activation key is the hexdigest of a SHA1 hash; after activation, this is reset to ACTIVATED.

Additionally, one class attribute exists:

ACTIVATED¶

A constant string used as the value of activation_key for accounts which have been activated.

And the following methods:

activation_key_expired()¶

Determines whether this account’s activation key has expired, and returns a boolean (True if expired, False otherwise). Uses the following algorithm:

1. If activation_key is ACTIVATED, the account has already been activated and so the key is considered to have expired.
2. Otherwise, the date of registration (obtained from the date_joined field of user) is compared to the current date; if the span between them is greater than the value of the setting ACCOUNT_ACTIVATION_DAYS, the key is considered to have expired.

Return type:	bool

send_activation_email(site)¶

Sends an activation email to the address of the account.

The activation email will make use of two templates: registration/activation_email_subject.txt and registration/activation_email.txt, which are used for the subject of the email and the body of the email, respectively. Each will receive the following context:

activation_key

The value of activation_key.

expiration_days

The number of days the user has to activate, taken from the setting ACCOUNT_ACTIVATION_DAYS.

site

An object representing the site on which the account was registered; depending on whether django.contrib.sites is installed, this may be an instance of either django.contrib.sites.models.Site (if the sites application is installed) or django.contrib.sites.models.RequestSite (if not). Consult the documentation for the Django sites framework for details regarding these objects’ interfaces.

Because email subjects must be a single line of text, the rendered output of registration/activation_email_subject.txt will be forcibly condensed to a single line.

Parameters:	site (django.contrib.sites.models.Site or django.contrib.sites.models.RequestSite) – An object representing the site on which account was registered.
Return type:	None

Additionally, RegistrationProfile has a custom manager (accessed as RegistrationProfile.objects):

class registration.models.RegistrationManager¶

This manager provides several convenience methods for creating and working with instances of RegistrationProfile:

activate_user(activation_key)¶

Validates activation_key and, if valid, activates the associated account by setting its is_active field to True. To prevent re-activation of accounts, the activation_key of the RegistrationProfile for the account will be set to RegistrationProfile.ACTIVATED after successful activation.

Returns the User instance representing the account if activation is successful, False otherwise.

Parameters:	activation_key (string, a 40-character SHA1 hexdigest) – The activation key to use for the activation.
Return type:	User or bool

delete_expired_users()¶

Removes expired instances of RegistrationProfile, and their associated user accounts, from the database. This is useful as a periodic maintenance task to clean out accounts which registered but never activated.

Accounts to be deleted are identified by searching for instances of RegistrationProfile with expired activation keys and with associated user accounts which are inactive (have their is_active field set to False). To disable a user account without having it deleted, simply delete its associated RegistrationProfile; any User which does not have an associated RegistrationProfile will not be deleted.

A custom management command is provided which will execute this method, suitable for use in cron jobs or other scheduled maintenance tasks: manage.py cleanupregistration.

Return type:	None

create_inactive_user(username, email, password, site[, send_email])¶

Creates a new, inactive user account and an associated instance of RegistrationProfile, sends the activation email and returns the new User object representing the account.

Parameters:

username (string) – The username to use for the new account. email (string) – The email address to use for the new account. password (string) – The password to use for the new account. site (django.contrib.sites.models.Site or django.contrib.sites.models.RequestSite) – An object representing the site on which the account is being registered. send_email (bool) – If True, the activation email will be sent to the account (by calling RegistrationProfile.send_activation_email()). If False, no email will be sent (but the account will still be inactive)

Return type:

User

create_profile(user)¶

Creates and returns a RegistrationProfile instance for the account represented by user.

The RegistrationProfile created by this method will have its activation_key set to a SHA1 hash generated from a combination of the account’s username and a random salt.

Parameters:	user (User) – The user account; an instance of django.contrib.auth.models.User.
Return type:	RegistrationProfile

Configuration¶

To use this backend, simply include the URLconf registration.backends.simple.urls somewhere in your site’s own URL configuration. For example:

(r'^accounts/', include('registration.backends.simple.urls')),

No additional settings are required, but one optional setting is supported:

REGISTRATION_OPEN

A boolean (either True or False) indicating whether registration of new accounts is currently permitted. A default of True will be assumed if this setting is not supplied.

Upon successful registration, the default redirect is to the URL specified by the get_absolute_url() method of the newly-created User object; by default, this will be /users/<username>/, although it can be overridden in either of two ways:

1. Specify a custom URL pattern for the register() view, passing the keyword argument success_url.
2. Override the default get_absolute_url() of the User model in your Django configuration, as covered in Django’s settings documentation.

The default form class used for account registration will be registration.forms.RegistrationForm, although this can be overridden by supplying a custom URL pattern for the register() view and passing the keyword argument form_class.

Note that because this backend does not use an activation step, attempting to use the activate() view with this backend or calling the backend’s activate() or post_activation_redirect() methods will raise NotImplementedError.

General¶

What license is django-registration under?

django-registration is offered under a three-clause BSD-style license; this is an OSI-approved open-source license, and allows you a large degree of freedom in modifiying and redistributing the code. For the full terms, see the file LICENSE which came with your copy of django-registration; if you did not receive a copy of this file, you can view it online at <http://bitbucket.org/ubernostrum/django-registration/src/tip/LICENSE>.

Why are the forms and models for the default backend not in the default backend?

The model and manager used by the default backend are in registration.models, and the default form class (and various subclasses) are in registration.forms; logically, they might be expected to exist in registration.backends.default, but there are several reasons why that’s not such a good idea:

1. Older versions of django-registration made use of the model and form classes, and moving them would create an unnecessary backwards incompatibility: import statements would need to be changed, and some database updates would be needed to reflect the new location of the RegistrationProfile model.
2. Due to the design of Django’s ORM, the RegistrationProfile model would end up with an app_label of default, which isn’t particularly descriptive and may conflict with other applications. By keeping it in registration.models, it retains an app_label of registration, which more accurately reflects what it does and is less likely to cause problems.
3. Although the RegistrationProfile model and the various form classes are used by the default backend, they can and are meant to be reused as needed by other backends. Any backend which uses an activation step should feel free to reuse the RegistrationProfile model, for example, and the registration form classes are in no way tied to a specific backend (and cover a number of common use cases which will crop up regardless of the specific backend logic in use).

Installation and setup¶

How do I install django-registration?

Full instructions are available in the quick start guide.

Do I need to put a copy of django-registration in every project I use it in?

No; putting applications in your project directory is a very bad habit, and you should stop doing it. If you followed the instructions mentioned above, django-registration was installed into a location that’s on your Python import path, so you’ll only ever need to add registration to your INSTALLED_APPS setting (in any project, or in any number of projects), and it will work.

Does django-registration come with any sample templates I can use right away?

No, for two reasons:

1. Providing default templates with an application is generally hard to impossible, because different sites can have such wildly different design and template structure. Any attempt to provide templates which would work with all the possibilities would probably end up working with none of them.
2. A number of things in django-registration depend on the specific registration backend you use, including the variables which end up in template contexts. Since django-registration has no way of knowing in advance what backend you’re going to be using, it also has no way of knowing what your templates will need to look like.

Fortunately, however, django-registration has good documentation which explains what context variables will be available to templates, and so it should be easy for anyone who knows Django’s template system to create templates which integrate with their own site.

Configuration¶

Do I need to rewrite the views to change the way they behave?

No. There are several ways you can customize behavior without making any changes whatsoever:

• Pass custom arguments – e.g., to specify forms, template names, etc. – to the registration views.
• Use the signals sent by the views to add custom behavior.
• Write a custom registration backend which implements the behavior you need, and have the views use your backend.

If none of these are sufficient, your best option is likely to simply write your own views; however, it is hoped that the level of customization exposed by these options will be sufficient for nearly all user-registration workflows.

How do I pass custom arguments to the views?

Part 3 of the official Django tutorial, when it introduces generic views, covers the necessary mechanism: simply provide a dictionary of keyword arguments in your URLconf.

Does that mean I should rewrite django-registration’s default URLconf?

No; if you’d like to pass custom arguments to the registration views, simply write and include your own URLconf instead of including the default one provided with django-registration.

I don’t want to write my own URLconf because I don’t want to write patterns for all the auth views!

You’re in luck, then; django-registration provides a URLconf which only contains the patterns for the auth views, and which you can include in your own URLconf anywhere you’d like; it lives at registration.auth_urls.

I don’t like the names you’ve given to the URL patterns!

In that case, you should feel free to set up your own URLconf which uses the names you want.

Troubleshooting¶

I’ve got functions listening for the registration/activation signals, but they’re not getting called!

The most common cause of this is placing django-registration in a sub-directory that’s on your Python import path, rather than installing it directly onto the import path as normal. Importing from django-registration in that case can cause various issues, including incorrectly connecting signal handlers. For example, if you were to place django-registration inside a directory named django_apps, and refer to it in that manner, you would end up with a situation where your code does this:

from django_apps.registration.signals import user_registered

But django-registration will be doing:

from registration.signals import user_registered

From Python’s point of view, these import statements refer to two different objects in two different modules, and so signal handlers connected to the signal from the first import will not be called when the signal is sent using the second import.

To avoid this problem, follow the standard practice of installing django-registration directly on your import path and always referring to it by its own module name: registration (and in general, it is always a good idea to follow normal Python practices for installing and using Django applications).

Tips and tricks¶

How do I log a user in immediately after registration or activation?

You can most likely do this simply by writing a function which listens for the appropriate signal; your function should set the backend attribute of the user to the correct authentication backend, and then call django.contrib.auth.login() to log the user in.

How do I re-send an activation email?

Assuming you’re using the default backend, a custom admin action is provided for this; in the admin for the RegistrationProfile model, simply click the checkbox for the user(s) you’d like to re-send the email for, then select the “Re-send activation emails” action.

How do I manually activate a user?

In the default backend, a custom admin action is provided for this. In the admin for the RegistrationProfile model, click the checkbox for the user(s) you’d like to activate, then select the “Activate users” action.