12 django-allauth

使用django-allauth进行用户管理

django自带的管理模块django.contrib.auth支持用户、用户组合权限管理等一系列功能，同时它也支持授权流程。但是它的设计方式是基于老的模式已经不太适应当前的网页应用，例如，它不支持社会化授权，同时它仅支持用户名登陆，不支持邮箱或者手机，这些方案都明显过时了。

但是，我们不能抛弃这个模块，django.contrib.auth内嵌在admin模块，被其他模块广泛调用。所以，一方面我们继续用这个包来维护用户管理，以此兼容其他依赖它的包，另一方面，我们需要来改进它来支持不同的登陆方式和社会化授权。

Django-allauth支持社会化授权且基于email设计用户，并且它与django.contrib.auth包完美集成。

安装

使用下面pip语句安装django-allauth

pip install django-allauth

如果是版本django==1.0.8，选择djagno-allauth版本0.34.0，之后的版本都至少django==1.11

配置

安装完成后，我们需要添加配置信息来实现以下功能

• 使用email作为主登陆ID，但是继续维护用户名username认证来保持和admin等模块的兼容
• 添加邮件认证，避免垃圾用户
• 添加社会化授权的一些基础配置

首先确保‘django.contrib.sites’已在INSTALLED_APP配置好，并且SITE_ID值设置好

SITE_ID = 1

并添加'allauth','allauth.account','allauth.socialaccount'到INSTALLED_APP

INSTALLED_APPS = (
    ...
    # The following apps are required:
    'django.contrib.auth',
    'django.contrib.messages',
    'django.contrib.sites',
    #
    'allauth',
    'allauth.account',
    'allauth.socialaccount',
    # ... include the providers you want to enable:
    'allauth.socialaccount.providers.agave',
    'allauth.socialaccount.providers.amazon',

模板处理器

# Specify the context processors as follows:
TEMPLATES = [
    {
        'BACKEND': 'django.template.backends.django.DjangoTemplates',
        'DIRS': [],
        'APP_DIRS': True,
        'OPTIONS': {
            'context_processors': [
                # Already defined Django-related contexts here
                # 
                # `allauth` needs this from django
                'django.template.context_processors.request',
            ],
        },
    },
]

添加后端授权，保留默认的ModelBackend

AUTHENTICATION_BACKENDS = (
    ...
    # Needed to login by username in Django admin, regardless of `allauth`
    'django.contrib.auth.backends.ModelBackend',
    #
    # `allauth` specific authentication methods, such as login by e-mail
    'allauth.account.auth_backends.AuthenticationBackend',
    ...
)

设置登陆方式和邮箱

ACCOUNT_AUTHENTICATION_METHOD = "username_email"
ACCOUNT_EMAIL_REQUIRED = False # True. False

ACCOUNT_EMAIL_VERIFICATION = None # 'mandatory', None

配置描述

• ACCOUNT_EMAIL_VERIFICATION

Determines the e-mail verification method during signup – choose one of "mandatory", "optional", or "none".

Setting this to “mandatory” requires ACCOUNT_EMAIL_REQUIRED to be True

When set to “mandatory” the user is blocked from logging in until the email address is verified. Choose “optional” or “none” to allow logins with an unverified e-mail address. In case of “optional”, the e-mail verification mail is still sent, whereas in case of “none” no e-mail verification mails are sent.

• ACCOUNT_AUTHENTICATION_METHOD (=”username” | “email” | “username_email”)

Specifies the login method to use – whether the user logs in by entering their username, e-mail address, or either one of both. Setting this to “email” requires ACCOUNT_EMAIL_REQUIRED=True

• ACCOUNT_EMAIL_REQUIRED (=False)

The user is required to hand over an e-mail address when signing up.

• ACCOUNT_LOGOUT_ON_GET (=False)

Determines whether or not the user is automatically logged out by a GET request. GET is not designed to modify the server state, and in this case it can be dangerous.

路由

最后，在urls.py添加路由:

urlpatterns = [
    ...
    url(r'^accounts/', include('allauth.urls')),
    ...
]

从上面可以看出，url正则表达式告诉django去将allauth allauth.urls加载在/accounts/，这个跟标准的django.contrib.auth包做法是一样的，它们用了几乎相同的模式和行为，这就意味着allauth可以将登陆页面放在url /accounts/login/，登陆地址放在/accounts/logout/. allauth在它的include()语句里包含了一系列新的url.

与此相似，在配置文件里，django.contrib.auth包对应的这些授权相关的变量也可适用于allauth，例如，你可以设置LOGIN_URL去覆盖启默认值/accounts/login/, 也可以设置LOGIN_REDIRECT_URL，它的默认值为/accounts/profile/. 事实上，和django.contrib.auth包一样，allauth并没有包含/accounts/profile/入口url, 所以你可以覆盖LOGIN_REDIRECT_URL变量来指向另一url，例如设置LOGIN_REDIRECT_URL='/'，登陆成功后将会跳转到主页。

数据库

上面完成之后执行下面命令迁移数据库，创建数据表

python manage.py migrate

Now start your server, visit your admin pages (e.g. http://localhost:8000/admin/) and follow these steps:

• Add a Site for your domain, matching settings.SITE_ID (django.contrib.sites app).
• For each OAuth based provider, add a Social App (socialaccount app).
• Fill in the site and the OAuth app credentials obtained from the provider.

接下来需要去配置socialaccount信息，详见各子章节

常见问题

• SocialApp matching query does not exist

原因是没有配置socialapp

https://stackoverflow.com/questions/15409366/django-socialapp-matching-query-does-not-exist

参考文档

• User management with Django allauth
• 使用django-allauth管理用户登录与注册
• DJANGO从零搭建个人博客 | 使用ALLAUTH插件管理用户登录与注册