Accounts for Django made beautifully simple

Overview

Django Userena

Build Status Coverage Status

Userena is a Django application that supplies your Django project with full account management. It's a fully customizable application that takes care of the signup, activation, messaging and more. It's BSD licensed, which means you can use it commercially for free!

Documentation

Complete documentation about the installation, settings and F.A.Q. is available on Read the Docs.

For list of updates and changes see UPDATES.md file.

Comments
  • Signin after signup

    Signin after signup

    Adds a USERENA_SIGNIN_AFTER_SIGNUP setting, which automatically signs a newly registered user in if True and if USERENA_ACTIVATION_REQUIRED is False.

    Adds documentation in settings.rst.

    If you like the feature but I am missing something, let me know and I'll complete.

    Thanks for Userena!

    opened by kvnn 15
  • HTTP 405 response when user tries to signup, but the form contains errors.

    HTTP 405 response when user tries to signup, but the form contains errors.

    The problem is in ExtraContextTemplateView - it only implements the get method (in TemplateView), but the signup view is defined as:

    def signup(...):
        if request.method == 'POST':
            if form.is_valid():
                . . .
                return redirect(...)
    
        return ExtraContextTemplateView.as_view(...)
    

    Since I think this might happen on other places in userena.views, I added a post() method to ExtraContextTemplateView by copying the get method.

    opened by boris-chervenkov 7
  • Django 1.9 compatibility fixes

    Django 1.9 compatibility fixes

    Some commits that makes django-userena work with Django 1.9.

    Django 1.4 compatibility had to be dropped ({% load url from future %} was removed from Django 1.9).

    So far, the changes seem to work fine, but some more testing is certainly needed before making a release.

    improvement 
    opened by smlz 6
  • django 1.6 password reset compatibility fixes

    django 1.6 password reset compatibility fixes

    This pull request fixes password reset on django>=1.6.0.

    It adds password reset wies tests and creates new submodule named userena.compat. This is proposition to handle in future any compatibility issues.

    Note that this pull request depend on #386. Merge #386 before merging this one or simply forgot about #386. Sorry for that inconvienience but I was in hurry and wanted to contribute my code ASAP because I need that fixes in my production application. I simply simply don't want to watch if earlier PR was accepted and merged, because I could forget to create new one.

    Finally I couldn't be sure that my fixes doesn't break anything without merging #386.

    This pull request fixes/closes issues #381, #384, #372, #371 without duplicating urls in userena.urls or changing url names.

    opened by swistakm 6
  • Invitation flow

    Invitation flow

    This patch is not ready to be merged, but I wanted to put it out there to see if there is interest in offering an invitation flow in django-userena.

    The patch allows existing users to invite a new user by entering their email address and optionally other user info like their first name. If no user with that email address exists a user is created so that it can be used for some basic interaction.

    At the same time an activation email is sent out to the email address. It contains a link that allows the user to activate their account by entering a password. At this point no further email address validation is needed and the user is immediately signed in.

    Cheers, Felix

    opened by fberger 5
  • Remove 'username' param from URLs with keys

    Remove 'username' param from URLs with keys

    It seems like something of a lapse in the security/anonymity provided by using SHA1 keys for user activation and email confirmation changes to have the "username" directly in the URL, and really there's no reason to have it since the lookup can be done on the key anyway.

    opened by ghinch 5
  • Moderated Registration Feature - Issue #81

    Moderated Registration Feature - Issue #81

    I've implemented a moderated registration feature. By default all functionality is the same, however there is now the capability to set the following in your settings.py:

    USERENA_MODERATED_REGISTRATION = True
    USERENA_ACTIVATION_REJECTED = 'ACTIVATION_REJECTED'
    USERENA_PENDING_MODERATION = 'PENDING_MODERATION'
    

    With moderated registration enabled, the following happens:

    • User registers
    • Receives activation email, and clicks activation link
    • Gets msg that they are activated, but pending administrators approval
    • The admin logs into the django admin, clicks 'Users', selects user, performs the 'Approve user registration' or 'Reject user registration' action from the drop down.
    • An approval or rejection email is sent accordingly

    This is an extremely important feature for us during pilot periods where we want something online publicly but only want specific people able to fully register and login. I did my best to follow Userena's coding style/layout/etc. If there is anything you are questionable about please let me know... however I feel it is a very sane and simple solution.

    Thanks!

    opened by derks 5
  • fix issue #455

    fix issue #455

    in python 3 all model must be have the str method because unicode doesn't exist

    https://docs.djangoproject.com/en/1.7/topics/python3/#str-and-unicode-methods

    opened by leonardoo 4
  • BUGFIX: Signin form initialization.

    BUGFIX: Signin form initialization.

    It's hard to realized this issue when using Django default templating system as it's too nice to tell the error. However, if you use Jinja2 you will get error in signin form.

    I believe it was a typo as other forms in views are okay.

    Credit goes to Fuhong Liu for locating this bug. Initially we had a fix in template but later Fuhong Liu found that it should have been fixed in the views.

    opened by fengsi 4
  • User activation

    User activation

    Why User's activation is so impositive? There should have others options, like allowing users to login even if they don't confirm their emails.

    This commit adds 'USERENA_ACTIVATION', and when it is False, users signup as active.

    opened by zvictor 4
  • Identify stealing for superusers

    Identify stealing for superusers

    Hi userena team,

    Here's a patch for the auth backend that allows a superuser to steal the identity of another user. This is very useful when a user reports an error on her/his account and you want to test it.

    Cheers,

    Guillaume

    opened by glibersat 4
  • Update FAQ to Work with Current Version of Django

    Update FAQ to Work with Current Version of Django

    Updated the "Hackery" to move the new fields to the front of the OrderedDict with move_to_end('key', last=False).

    Updated user_profile = new_user.get_profile() to user_profile = new_user.my_profile. get_profile() has been deprecated.

    opened by WisChrendel 3
  • don't allow signin view redirect to different host

    don't allow signin view redirect to different host

    Current signin view accept next parameter for redirect after login successfully but it don't safe check url. It could be exploited to redirect to different page other than current host

    opened by meomap 3
  • Signin view should have argument for inactive url redirect

    Signin view should have argument for inactive url redirect

    After login successfully, there's no way to specify redirect url if account is disabled. It's hardcoded with url resolved from name userena_disabled and arguments username.

    What if application doesn't want to include username in url and just return a static template. All the usage of redirect in views have option for that except this usecase

    opened by meomap 1
  • Support custom user model with USERNAME_FIELD !=

    Support custom user model with USERNAME_FIELD != "username"

    I'm using a custom auth model with USERNAME_FIELD = "email".

    The changes here are enough, along with

    USERENA_REGISTER_PROFILE = False
    USERENA_REGISTER_USER = False
    

    to get django-userena up and running with my project. However, I haven't done any thorough testing yet.

    improvement 
    opened by dpretty 4
Releases(v2.0.1)
  • v2.0.1(Mar 23, 2016)

    Fixes and improvements:

    • Fixed missing README.md that caused installation failure (#517).
    • Use universal wheels when distributing the package.
    Source code(tar.gz)
    Source code(zip)
  • v2.0.0(Mar 22, 2016)

    Backwards incompatible changes:

    • Drop support for Django 1.4
    • Add support for Django 1.9
    • Added new Django 1.9 migration for userena and userena.contrib.umessages. Old South migrations are still available in userena.south_migrations and userena.contrib.umessages.south_migrations but are deprecated and may be removed in future major releases. South>1.0 is required for older versions of Django.
    • django-guardian requirement bumped to <=1.4.1 as newer version (1.4.2) fails on tests.
    • removed all {% load url from future %} from userena templates for compatibility with Django 1.9
    • sha_constructor(), smart_text(), and md5_constructor removed from userena.compat
    • Use simple list literal as url patterns instead of django.conf.urls.patterns() function

    Deprecated features:

    • userena.utils.get_user_model is deprecated and will be removed in version 3.0.0. Use django.contrib.auth.get_user_model

    Fixes and improvements:

    • More nodes added to the travis test matrix.
    • Some documentation moved to .md files.
    • Deprecated unittest aliases replaced in tests.
    • Updated list of trove classifiers.
    • Added option to execute runtests script with pattern parameter to limit number of tests.
    • Added {posargs} to test command execution in tox.ini to improve developer experience during tests.
    • Minor documentation improvements.
    • Set django-guardian<1.4.0 version for Django 1.5 and 1.6 tests.
    Source code(tar.gz)
    Source code(zip)
  • v1.5.1(Mar 22, 2016)

  • v1.5.0(Mar 22, 2016)

    Fixes and improvements:

    • Updated Norwegian translations and fixed issue with unicode characters sent to utils.generate_sha1 (#472)
    • Fix upload_to_mugshot if model uses primary key diffrent than id (#475)
    • Minor compatibility improvements (#485)
    • Refactored mailer (#486)
    • Password reset email now inlcudes email template for django>=1.7 (#493)
    • Fixes to translations (#499)
    • Added Romanian translations (#500)

    Backwards incompatible changes:

    • django-guardian has version fixed to <=1.3.1 due to django 1.4 compatibility
    Source code(tar.gz)
    Source code(zip)
  • v1.4.1(May 22, 2015)

    • hack in usermail removed since recent dependencies does not require it (#462)
    • minor improvements in documentation (#461)
    • fixed bug that caused usernames to be altered (#456)
    • fixed support for python3.2/python3.4 (#455, #453)
    Source code(tar.gz)
    Source code(zip)
  • v1.4.0(Mar 22, 2016)

  • v1.3.2(Mar 22, 2016)

  • v1.3.1(Mar 22, 2016)

    Backwards incompatible changes:

    • When USERENA_ACTIVATION_REQUIRED = False, creating new user does not automatically create userena profile (bug).
    Source code(tar.gz)
    Source code(zip)
  • v1.2.2(Mar 22, 2016)

    Backwards incompatible changes:

    • Changed backwards relationships names for Umessages contrib application from to_user to um_to_user and from_user to um_from_user.
    Source code(tar.gz)
    Source code(zip)
  • v1.2.0(Mar 22, 2016)

    Backwards incompatible changes:

    • This version updates Userena to be able to use the new User model found in Django 1.5. This does require the django-guardion > 1.5-dev. To make this work, there is a get_user_model function in userena/utils.py which is used to get the correct User model.
    Source code(tar.gz)
    Source code(zip)
  • v1.1.2(Mar 22, 2016)

    Backwards incompatible changes:

    • Activation view no longer contains username. If you override userena/templates/userena/emails/activation_email_message.txt and userena/templates/userena/emails/confirmation_email_message_new.txt be sure to remove username from the URL.
    Source code(tar.gz)
    Source code(zip)
  • v1.1(Mar 22, 2016)

  • v1.0.1(Mar 22, 2016)

    Backwards incompatible changes:

    • Removed the user relationship outside UserenaBaseProfile model. This allows the user to define it's own relationship and fixes a conflict while running manage.py test. To migrate, place the user field inside your profile model, instead of inheriting it from the abstract class.
    Source code(tar.gz)
    Source code(zip)
A simple model based API maker written in Python and based on Django and Django REST Framework

Fast DRF Fast DRF is a small library for making API faster with Django and Django REST Framework. It's easy and configurable. Full Documentation here

Mohammad Ashraful Islam 18 Oct 05, 2022
OpenConnect auth creditials collector.

OCSERV AUTH CREDS COLLECTOR V1.0 Зачем Изначально было написано чтобы мониторить какие данные вводятся в интерфейс ханипота в виде OpenConnect server.

0 Sep 23, 2022
Crie seus tokens de autenticação com o AScrypt.

AScrypt tokens O AScrypt é uma forma de gerar tokens de autenticação para sua aplicação de forma rápida e segura. Todos os tokens que foram, mesmo que

Jaedson Silva 0 Jun 24, 2022
This program automatically logs you into a Zoom session at your alloted time

This program automatically logs you into a Zoom session at your alloted time. Optionally you can choose to have end the session at your allotted time.

9 Sep 19, 2022
Auth-Starters - Different APIs using Django & Flask & FastAPI to see Authentication Service how its work

Auth-Starters Different APIs using Django & Flask & FastAPI to see Authentication Service how its work, and how to use it. This Repository based on my

Yasser Tahiri 7 Apr 22, 2022
Authentication, JWT, and permission scoping for Sanic

Sanic JWT Sanic JWT adds authentication protection and endpoints to Sanic. It is both easy to get up and running, and extensible for the developer. It

Adam Hopkins 229 Jan 05, 2023
FastAPI Simple authentication & Login API using GraphQL and JWT

JeffQL A Simple FastAPI authentication & Login API using GraphQL and JWT. I choose this Name JeffQL cause i have a Low level Friend with a Nickname Je

Yasser Tahiri 26 Nov 24, 2022
Strong, Simple, and Precise security for Flask APIs (using jwt)

flask-praetorian Strong, Simple, and Precise security for Flask APIs API security should be strong, simple, and precise like a Roman Legionary. This p

Tucker Beck 321 Dec 18, 2022
Simple two factor authemtication system, made by me.

Simple two factor authemtication system, made by me. Honestly, i don't even know How 2FAs work I just used my knowledge and did whatever i could. Send

Refined 5 Jan 04, 2022
An open source Flask extension that provides JWT support (with batteries included)!

Flask-JWT-Extended Features Flask-JWT-Extended not only adds support for using JSON Web Tokens (JWT) to Flask for protecting views, but also many help

Landon Gilbert-Bland 1.4k Jan 04, 2023
Auth for use with FastAPI

FastAPI Auth Pluggable auth for use with FastAPI Supports OAuth2 Password Flow Uses JWT access and refresh tokens 100% mypy and test coverage Supports

David Montague 95 Jan 02, 2023
PetitPotam - Coerce NTLM authentication from Windows hosts

Python implementation for PetitPotam

ollypwn 137 Dec 28, 2022
CheckList-Api - Created with django rest framework and JWT(Json Web Tokens for Authentication)

CheckList Api created with django rest framework and JWT(Json Web Tokens for Aut

shantanu nimkar 1 Jan 24, 2022
Automatizando a criação de DAGs usando Jinja e YAML

Automatizando a criação de DAGs no Airflow usando Jinja e YAML Arquitetura do Repo: Pastas por contexto de negócio (ex: Marketing, Analytics, HR, etc)

Arthur Henrique Dell' Antonia 5 Oct 19, 2021
Quick and simple security for Flask applications

Note This project is non maintained anymore. Consider the Flask-Security-Too project as an alternative. Flask-Security It quickly adds security featur

Matt Wright 1.6k Dec 19, 2022
Login qr line & qr image

login-qr-line-qr-image login qr line & qr image python3 & linux ubuntu api source: https://github.com/hert0t/BEAPI-BETA import httpx import qrcode fro

Alif Budiman 1 Dec 27, 2021
JSON Web Token implementation in Python

PyJWT A Python implementation of RFC 7519. Original implementation was written by @progrium. Sponsor If you want to quickly add secure token-based aut

José Padilla 4.5k Jan 09, 2023
OAuth2 goodies for the Djangonauts!

Django OAuth Toolkit OAuth2 goodies for the Djangonauts! If you are facing one or more of the following: Your Django app exposes a web API you want to

Jazzband 2.7k Dec 31, 2022
JWT authentication for Pyramid

JWT authentication for Pyramid This package implements an authentication policy for Pyramid that using JSON Web Tokens. This standard (RFC 7519) is of

Wichert Akkerman 73 Dec 03, 2021
Django CAS 1.0/2.0/3.0 client authentication library, support Django 2.0, 2.1, 2.2, 3.0 and Python 3.5+

django-cas-ng django-cas-ng is Django CAS (Central Authentication Service) 1.0/2.0/3.0 client library to support SSO (Single Sign On) and Single Logou

django-cas-ng 347 Dec 18, 2022