Convert Figma logo to code with AI

pennersr logodjango-allauth

Integrated set of Django applications addressing authentication, registration, account management as well as 3rd party (social) account authentication. 🔁 Mirror of https://codeberg.org/allauth/django-allauth/

10,010
3,101
10,010
1
View on GitHub

Top Related Projects

python-social-auth's avatar

social-app-django

2,095

Python Social Auth - Application - Django

jazzband's avatar

django-oauth-toolkit

3,248

OAuth2 goodies for the Djangonauts!

django-cms's avatar

django-cms

10,508

The easy-to-use and developer-friendly enterprise CMS powered by Django

django-guardian's avatar

django-guardian

3,754

Per object permissions for Django

Quick Overview

Django-allauth is a comprehensive authentication, registration, and account management solution for Django applications. It provides a set of reusable Django applications that handle various authentication methods, including social account authentication, email verification, and password management.

Pros

  • Supports multiple authentication providers (social accounts, email, etc.)
  • Highly customizable and extensible
  • Robust documentation and active community support
  • Seamless integration with Django's built-in authentication system

Cons

  • Can be complex to set up for beginners
  • Some features may require additional configuration
  • Occasional compatibility issues with other Django packages
  • Performance impact on large-scale applications due to its comprehensive nature

Code Examples

  1. Basic user registration:
from allauth.account.forms import SignupForm
from django.contrib.auth.models import User

class CustomSignupForm(SignupForm):
    def save(self, request):
        user = super(CustomSignupForm, self).save(request)
        user.first_name = self.cleaned_data['first_name']
        user.last_name = self.cleaned_data['last_name']
        user.save()
        return user
  1. Customizing login template:
{% extends "account/base.html" %}
{% load i18n %}
{% block head_title %}{% trans "Sign In" %}{% endblock %}

{% block content %}
<h1>{% trans "Sign In" %}</h1>
<form class="login" method="POST" action="{% url 'account_login' %}">
  {% csrf_token %}
  {{ form.as_p }}
  {% if redirect_field_value %}
  <input type="hidden" name="{{ redirect_field_name }}" value="{{ redirect_field_value }}" />
  {% endif %}
  <button type="submit">{% trans "Sign In" %}</button>
</form>
{% endblock %}
  1. Adding a custom social account provider:
from allauth.socialaccount.providers.base import ProviderAccount
from allauth.socialaccount.providers.oauth2.provider import OAuth2Provider

class CustomProvider(OAuth2Provider):
    id = 'custom'
    name = 'Custom'
    account_class = ProviderAccount

    def extract_uid(self, data):
        return str(data['id'])

    def extract_common_fields(self, data):
        return dict(email=data.get('email'),
                    username=data.get('username'),
                    first_name=data.get('first_name'),
                    last_name=data.get('last_name'))

provider_classes = [CustomProvider]

Getting Started

  1. Install django-allauth:

    pip install django-allauth

  2. Add to INSTALLED_APPS in settings.py:

    INSTALLED_APPS = [
    ...
    'django.contrib.sites',
    'allauth',
    'allauth.account',
    'allauth.socialaccount',
]

  3. Configure AUTHENTICATION_BACKENDS in settings.py:

    AUTHENTICATION_BACKENDS = [
    'django.contrib.auth.backends.ModelBackend',
    'allauth.account.auth_backends.AuthenticationBackend',
]

  4. Add django-allauth URLs to urls.py:

    urlpatterns = [
    ...
    path('accounts/', include('allauth.urls')),
]

  5. Run migrations:

    python manage.py migrate

Competitor Comparisons

python-social-auth logo

social-app-django

2,095

Python Social Auth - Application - Django

Pros of social-app-django

  • More flexible and customizable authentication pipeline
  • Supports a wider range of social providers out-of-the-box
  • Better integration with non-Django projects and frameworks

Cons of social-app-django

  • Less active maintenance and community support
  • More complex setup and configuration process
  • Fewer built-in features for handling user accounts and profiles

Code Comparison

social-app-django:

AUTHENTICATION_BACKENDS = (
    'social_core.backends.google.GoogleOAuth2',
    'social_core.backends.facebook.FacebookOAuth2',
    'django.contrib.auth.backends.ModelBackend',
)

django-allauth:

AUTHENTICATION_BACKENDS = (
    'django.contrib.auth.backends.ModelBackend',
    'allauth.account.auth_backends.AuthenticationBackend',
)

Both libraries offer robust social authentication solutions for Django projects. social-app-django provides more flexibility and customization options, making it suitable for complex authentication scenarios. However, django-allauth offers a more streamlined setup process and better integration with Django's built-in authentication system. The choice between the two depends on the specific requirements of your project and the level of customization needed.

jazzband logo

django-oauth-toolkit

3,248

OAuth2 goodies for the Djangonauts!

Pros of django-oauth-toolkit

  • Focused specifically on OAuth2 implementation, providing a more comprehensive OAuth2 solution
  • Offers both provider and client functionalities for OAuth2
  • Includes built-in support for JWT tokens

Cons of django-oauth-toolkit

  • Less extensive social authentication support compared to django-allauth
  • Steeper learning curve for developers new to OAuth2 concepts
  • Requires more manual configuration for common authentication scenarios

Code Comparison

django-oauth-toolkit:

from oauth2_provider.views.generic import ProtectedResourceView

class ApiEndpoint(ProtectedResourceView):
    def get(self, request, *args, **kwargs):
        return HttpResponse('Hello, OAuth2!')

django-allauth:

from allauth.socialaccount.providers.oauth2.views import OAuth2Adapter

class CustomProvider(OAuth2Adapter):
    provider_id = 'custom'
    access_token_url = 'https://example.com/oauth/token'
    authorize_url = 'https://example.com/oauth/authorize'

Both libraries offer Django integration for authentication, but django-oauth-toolkit focuses on OAuth2 implementation, while django-allauth provides a broader range of authentication methods, including social authentication. The code examples demonstrate the different approaches: django-oauth-toolkit emphasizes OAuth2 resource protection, while django-allauth simplifies the process of adding custom OAuth2 providers.

django-cms logo

django-cms

10,508

The easy-to-use and developer-friendly enterprise CMS powered by Django

Pros of django-cms

  • Provides a comprehensive content management system with a user-friendly interface
  • Offers a wide range of built-in features like page hierarchies, versioning, and multilingual support
  • Highly extensible with a plugin system for custom functionality

Cons of django-cms

  • Steeper learning curve due to its complex architecture and extensive features
  • Heavier and more resource-intensive compared to lightweight authentication solutions
  • May be overkill for projects that don't require full CMS capabilities

Code Comparison

django-cms:

from cms.models import CMSPlugin

class MyPlugin(CMSPlugin):
    my_field = models.CharField(max_length=255)

django-allauth:

from allauth.account.forms import SignupForm

class MyCustomSignupForm(SignupForm):
    def save(self, request):
        user = super(MyCustomSignupForm, self).save(request)
        return user

django-cms focuses on content management and plugin creation, while django-allauth specializes in authentication and user management. The code examples demonstrate the different primary concerns of each project: django-cms deals with creating custom plugins for content, while django-allauth handles user signup and authentication processes.

django-guardian logo

django-guardian

3,754

Per object permissions for Django

Pros of django-guardian

  • Focused on object-level permissions, providing granular access control
  • Integrates seamlessly with Django's built-in authentication system
  • Offers flexible permission assignment for users and groups

Cons of django-guardian

  • Limited to permission management, lacking authentication features
  • Requires more setup and configuration compared to all-in-one solutions
  • May introduce performance overhead for large-scale applications

Code Comparison

django-guardian:

from guardian.shortcuts import assign_perm

# Assign permission to a user
assign_perm('view_post', user, post)

# Check permission
if user.has_perm('view_post', post):
    # User can view the post

django-allauth:

from allauth.account.views import SignupView

class CustomSignupView(SignupView):
    def form_valid(self, form):
        # Custom signup logic
        return super().form_valid(form)

# In urls.py
path('accounts/signup/', CustomSignupView.as_view(), name='account_signup')

While django-guardian focuses on object-level permissions, django-allauth is a comprehensive authentication solution. django-guardian excels in fine-grained access control, while django-allauth provides a wide range of authentication methods and social account integration. The choice between them depends on the specific needs of your project, with django-guardian being more suitable for complex permission scenarios and django-allauth for projects requiring diverse authentication options.

Convert Figma logo designs to code with AI

Visual Copilot

Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.

Try Visual Copilot

README

========================== Welcome to django-allauth!

.. image:: https://codeberg.org/allauth/allauth.org/raw/commit/da3b56390e1b18eaec09b05cd89dfa7812212dfc/content/news/2024/04/website-redesign/logo-light.png :target: https://allauth.org :align: right :alt: django-allauth logo :width: 250px

.. |ci| image:: https://img.shields.io/github/actions/workflow/status/pennersr/django-allauth/ci.yml.svg :target: https://github.com/pennersr/django-allauth/actions .. |pypi| image:: https://img.shields.io/pypi/v/django-allauth :target: https://pypi.python.org/pypi/django-allauth .. |cov| image:: https://img.shields.io/coverallsCoverage/github/pennersr/django-allauth :alt: Coverage Status :target: https://coveralls.io/r/pennersr/django-allauth .. |btc| image:: https://img.shields.io/badge/bitcoin-donate-yellow :target: https://blockchain.info/address/1AJXuBMPHkaDCNX2rwAy34bGgs7hmrePEr .. |liberapay| image:: https://img.shields.io/liberapay/receives/pennersr :target: https://en.liberapay.com/pennersr .. |pystyle| image:: https://img.shields.io/badge/code_style-pep8-green :target: https://www.python.org/dev/peps/pep-0008/ .. |jsstyle| image:: https://img.shields.io/badge/code_style-standard-brightgreen :target: http://standardjs.com .. |editor| image:: https://img.shields.io/badge/editor-emacs-purple :target: https://www.gnu.org/software/emacs/ .. |i18n| image:: https://img.shields.io/weblate/progress/allauth :target: https://hosted.weblate.org/projects/allauth/django-allauth/ .. |pypidl| image:: https://img.shields.io/pypi/dm/django-allauth :target: https://pypistats.org/packages/django-allauth :alt: PyPI - Downloads .. |djangodemo| image:: https://img.shields.io/badge/%E2%96%B6_demo-Django_project-red :target: https://django.demo.allauth.org/ :alt: View Django Demo .. |reactdemo| image:: https://img.shields.io/badge/%E2%96%B6_demo-React_SPA-red :target: https://react.demo.allauth.org/ :alt: View React SPA Demo

|ci| |pypi| |cov| |btc| |liberapay| |pystyle| |jsstyle| |editor| |i18n| |pypidl| |djangodemo| |reactdemo|

Integrated set of Django applications addressing authentication, registration, account management as well as 3rd party (social) account authentication.

Home page https://allauth.org/

Source code https://codeberg.org/allauth/django-allauth

Issue Tracker https://codeberg.org/allauth/django-allauth/issues

Documentation https://docs.allauth.org/en/latest/

Stack Overflow https://stackoverflow.com/questions/tagged/django-allauth

Demo https://django.demo.allauth.org and https://react.demo.allauth.org

Translations https://hosted.weblate.org/projects/allauth/django-allauth/

.. end-welcome

Rationale

.. begin-rationale

Most existing Django apps that address the problem of social authentication unfortunately focus only on one dimension - the social. Most developers end up integrating another app in order to support authentication flows that are locally generated.

This approach creates a development gap between local and social authentication flows. It has remained an issue in spite of numerous common scenarios that both require. For example, an email address passed along by an OpenID provider may not be verified. Therefore, prior to hooking up an OpenID account to a local account the email address must be verified. This essentially is one of many use cases that mandate email verification to be present in both worlds.

Integrating both is a humongous and tedious process. It is not as simple as adding one social authentication app, and one local account registration app to your INSTALLED_APPS list.

This inadequacy is the reason for this project's existence -- to offer a fully integrated authentication app that allows for both local and social authentication, with flows that just work, beautifully!

.. end-rationale

Features

.. begin-features

🔑 Comprehensive account functionality Supports multiple authentication schemes (e.g. login by user name, or by email), as well as multiple strategies for account verification (ranging from none to mandatory email verification).

👥 Social Login Login using external identity providers, supporting any Open ID Connect compatible provider, many OAuth 1.0/2.0 providers, as well as custom protocols such as, for example, Telegram authentication.

💼 Enterprise ready Supports SAML 2.0, which is often used in a B2B context.

🕵️ Battle-tested The package has been out in the open since 2010. It is in use by many commercial companies whose business depends on it and has hence been subjected to various penetration testing attempts.

⏳Rate limiting When you expose an authentication-enabled web service to the internet, it is important to be prepared for potential brute force attempts. Therefore, rate limiting is enabled out of the box.

🔒 Private Many sites leak information. For example, on many sites you can check whether someone you know has an account by input their email address into the password forgotten form, or trying to signup with it. We offer account enumeration prevention, making it impossible to tell whether or not somebody already has an account.

🧩 Customizable As a developer, you have the flexibility to customize the core functionality according to your specific requirements. By employing the adapter pattern, you can effortlessly introduce interventions at the desired points to deviate from the standard behavior. This level of customization empowers you to tailor the software to meet your unique needs and preferences.

⚙️ Configuration The required consumer keys and secrets for interacting with Facebook, X (Twitter) and the likes can be configured using regular settings, or, can be configured in the database via the Django admin. Here, optional support for the Django sites framework is available, which is helpful for larger multi-domain projects, but also allows for easy switching between a development (localhost) and production setup without messing with your settings and database.

.. end-features

Commercial Support

.. begin-support

Commercial support is available. If you find certain functionality missing, or require assistance on your project(s), please contact us: info@intenct.nl.

.. end-support