Accepting email address as username in Django

python django authentication

Is there a good way to do this in Django without rolling my own authentication system? I want the username to be the user's email address instead of them creating a username.

Please advise


Solution 1:

For anyone else wanting to do this, I'd recommend taking a look at django-email-as-username which is a pretty comprehensive solution, that includes patching up the admin and the createsuperuser management commands, amongst other bits and pieces.

Edit: As of Django 1.5 onwards you should consider using a custom user model instead of django-email-as-username.

Solution 2:

Here's what we do. It isn't a "complete" solution, but it does much of what you're looking for.

from django import forms
from django.contrib import admin
from django.contrib.auth.admin import UserAdmin
from django.contrib.auth.models import User

class UserForm(forms.ModelForm):
    class Meta:
        model = User
        exclude = ('email',)
    username = forms.EmailField(max_length=64,
                                help_text="The person's email address.")
    def clean_email(self):
        email = self.cleaned_data['username']
        return email

class UserAdmin(UserAdmin):
    form = UserForm
    list_display = ('email', 'first_name', 'last_name', 'is_staff')
    list_filter = ('is_staff',)
    search_fields = ('email',)

admin.site.unregister(User)
admin.site.register(User, UserAdmin)

Solution 3:

Here is one way to do it so that both username and email are accepted:

from django.contrib.auth.forms import AuthenticationForm
from django.contrib.auth.models import User
from django.core.exceptions import ObjectDoesNotExist
from django.forms import ValidationError

class EmailAuthenticationForm(AuthenticationForm):
    def clean_username(self):
        username = self.data['username']
        if '@' in username:
            try:
                username = User.objects.get(email=username).username
            except ObjectDoesNotExist:
                raise ValidationError(
                    self.error_messages['invalid_login'],
                    code='invalid_login',
                    params={'username':self.username_field.verbose_name},
                )
        return username

Don't know if there is some setting to set the default Authentication form but you can also override the url in urls.py

url(r'^accounts/login/$', 'django.contrib.auth.views.login', { 'authentication_form': EmailAuthenticationForm }, name='login'),

Raising the ValidationError will prevent 500 errors when an invalid email is submitted. Using the super's definition for "invalid_login" keeps the error message ambiguous (vs a specific "no user by that email found") which would be required to prevent leaking whether an email address is signed up for an account on your service. If that information is not secure in your architecture it might be friendlier to have a more informative error message.

Related

What is the Scala equivalent of Java's ClassName.class?
Command for adding a default constraint
How do I clean up my Github fork so I can make clean pull requests?
What could be the cause of RejectedExecutionException
ASP MVC: When is IController Dispose() called?
True-way solution in Java: parse 2 numbers from 2 strings and then return their sum
What destructors are run when the constructor throws an exception?
Migrate from Sublime text 2 to Sublime text3
GridSpec with shared axes in Python
Comparing object graph representation to adjacency list and matrix representations
Bug in Microsoft's internal PriorityQueue<T>?
Confusion in choosing between JavaGit, JGit and EGit