User Authentication
The boilerplate ships with django-allauth configured for email-first authentication, so sign-up, sign-in, password reset, email confirmation, and account management are already in place.
What is already configured
- users sign in with an email address, not a username
- usernames are disabled on the custom user model
- account routes live under
/accounts/ - Google social login support is already included
- email verification is enabled by default
Core account URLs
The most important built-in routes are:
/accounts/signup//accounts/login//accounts/password/reset//accounts/email/
Testing sign-up locally
Visit /accounts/signup/, create an account, and watch your terminal output. In local development, the boilerplate uses Django's console email backend by default, so the verification email is printed in the terminal instead of being sent through Mailgun.
The normal local flow is:
- Submit the sign-up form.
- Copy the confirmation link from the terminal output.
- Open that link in the browser.
- Sign in with the newly verified account.
Testing sign-up in production
In production, the same flow runs through Mailgun once you configure it. If a confirmation email does not arrive:
- check the spam folder
- review the Mailgun activity log
- confirm
MAILGUN_API_KEYandMAILGUN_DOMAINare set correctly
Django admin and allauth
You can manage users through the Django admin after you create a superuser:
python manage.py createsuperuser
If you are testing on Heroku, run the equivalent command with heroku run.
Other social providers
django-allauth supports many providers beyond Google. To add another one:
- install the provider package if it is not already included
- add the provider to
INSTALLED_APPS - create the provider credentials in the upstream service
- add a
Social Applicationin Django admin - attach that social application to the correct Django
Site
See the official django-allauth provider documentation for the provider-specific steps.