Views
Login
- URL name:
account_login
Users login via the allauth.account.views.LoginView
view over at
/accounts/login/
(URL name account_login
). When users attempt to login
while their account is inactive (user.is_active
) they are presented with the
account/account_inactive.html
template.
Signup
- URL name:
account_signup
Users sign up via the allauth.account.views.SignupView
view over at
/accounts/signup/
(URL name account_signup
).
Logout
- URL name:
account_logout
The logout view (allauth.account.views.LogoutView
) over at
/accounts/logout/
(URL name account_logout
) requests for confirmation
before logging out. The user is logged out only when the confirmation is
received by means of a POST request.
If you are wondering why, consider what happens when a malicious user embeds the following image in a post:
<img src="http://example.com/accounts/logout/">
For this and more background information on the subject, see:
If you insist on having logout on GET, then please consider adding a
bit of Javascript to automatically turn a click on a logout link into
a POST. As a last resort, you can set ACCOUNT_LOGOUT_ON_GET
to
True
.
Password Management
Authenticated users can manage their password account using the
allauth.account.views.PasswordSetView
and
allauth.account.views.PasswordChangeView
views, over at
/accounts/password/set/
respectively /accounts/password/change/
(URL names
account_set_password
and account_change_password
respectively).
Users are redirected between these views, according to whether or not
they have setup a password (user.has_usable_password()
). Typically,
when users signup via a social provider they will not have a password
set.
Password Reset
- URL name:
account_reset_password
Users can request a password reset using the
allauth.account.views.PasswordResetView
view over at
/accounts/password/reset/
(URL name account_reset_password
). An email
will be sent containing a reset link pointing to PasswordResetFromKeyView
view.
Emails Management
- URL name:
account_email
Users manage the email addresses tied to their account using the
allauth.account.views.EmailView
view over at /accounts/email/
(URL name
account_email
). Here, users can add (and verify) email addresses, remove
email addresses, and choose a new primary email address.
Email Verification
Depending on the setting ACCOUNT_EMAIL_VERIFICATION
, a verification
email is sent pointing to the
allauth.account.views.ConfirmEmailView
view.
The setting ACCOUNT_CONFIRM_EMAIL_ON_GET
determines whether users
have to manually confirm the address by submitting a confirmation form,
or whether the address is automatically confirmed by a mere GET
request.