4đ
After a lot of fiddling about, I think the allauth settings donât work how I expected from their names and maybe donât work as intended. ACCOUNT_EMAIL_CONFIRMATION_AUTHENTICATED_REDIRECT_URL does not mean âredirect after the user logged inâ. The code tests on user.is_authenticated (site-packages/allauth/account/adapter.py) which in this context seems to mean âwas the confirmation link valid?â.
ACCOUNT_LOGIN_ON_EMAIL_CONFIRMATION doesnât seem to work at all with token authentication, and anyway is known not to work if the session has changed. So I think it must be set to False.
ACCOUNT_LOGIN_ON_EMAIL_CONFIRMATION = False seems to be honoured sometimes but not always and I havenât found out whyâŠ
Looking at how the email_confirm.html template is built, I think that success will always redirect you to ACCOUNT_EMAIL_CONFIRMATION_AUTHENTICATED_REDIRECT_URL and failure will keep you on the page with a non-working link to request a new confirmation email.
I canât find when ACCOUNT_EMAIL_CONFIRMATION_ANONYMOUS_REDIRECT_URL would be used but have set it to the home page.
I may have misunderstood this, but I have finally got a sort-of-working setup. Itâs very cludgy, there must be a better way to do this but right now Iâll take anything that lets me move on. I have ended up using several allauth templates for account management because I canât get this working with rest-auth.
There is still an issue with failed links: mostly I see the template page with its useful message, but sometimes it just shows the home page. But at least that is not the main flow and not a disaster for the user.
settings.py: note the template DIRS entry for allauth, otherwise my custom template is not used
TEMPLATES = [
{
...
'DIRS': [os.path.join(BASE_DIR, 'templates'),
os.path.join(BASE_DIR, 'assets'),
os.path.join(BASE_DIR, 'templates', 'allauth')],
...
]
ACCOUNT_LOGIN_ON_EMAIL_CONFIRMATION = False
ACCOUNT_EMAIL_CONFIRMATION_ANONYMOUS_REDIRECT_URL = '/'
ACCOUNT_EMAIL_CONFIRMATION_AUTHENTICATED_REDIRECT_URL = '/verified'
âverifiedâ is a route in my front end that displays a confirmation message and a link to login.
urls.py
from django.views.generic import TemplateView
urlpatterns = [
...
re_path(r'^rest-auth/registration/account-confirm-email/(?P<key>[-:\w]+)/$', confirm_email,
name='account_confirm_email'),
]
templates/account/email_confirm.html, modified to give a working link on failure
{% extends "account/base.html" %}
{% load i18n %}
{% load account %}
{% block head_title %}{% trans "Confirm E-mail Address" %}{% endblock %}
{% block content %}
<h1>{% trans "Confirm E-mail Address" %}</h1>
{% if confirmation %}
{% user_display confirmation.email_address.user as user_display %}
<p>{% blocktrans with confirmation.email_address.email as email %}Please confirm that <a href="mailto:{{ email }}">{{ email }}</a> is an e-mail address for user {{ user_display }}.{% endblocktrans %}</p>
<form method="post" action="{% url 'account_confirm_email' confirmation.key %}">
{% csrf_token %}
<button type="submit">{% trans 'Confirm' %}</button>
</form>
{% else %}
{% url 'account_email' as email_url %}
<p>{% blocktrans %}The email confirmation link expired or is invalid. Please <a href="/login/">login</a> and request a new confirmation email from your user account.{% endblocktrans %}</p>
{% endif %}
{% endblock %}