Merge pull request #274 from RSE-Sheffield/feat/allauth

twinkarma · web-flow · commit 81159634c448 · 2025-06-03T10:19:36.000+01:00
Use allauth for email address verification
diff --git a/SORT/settings.py b/SORT/settings.py
@@ -61,6 +61,8 @@ def cast_to_boolean(obj: Any) -> bool:
     "django.contrib.messages",
     "django.contrib.staticfiles",
     # Plugin apps
+    "allauth",
+    "allauth.account",
     "django_bootstrap5",
     "django_extensions",
     "qr_code",
@@ -86,6 +88,7 @@ def cast_to_boolean(obj: Any) -> bool:
     "django.contrib.auth.middleware.AuthenticationMiddleware",
     "django.contrib.messages.middleware.MessageMiddleware",
     "django.middleware.clickjacking.XFrameOptionsMiddleware",
+    "allauth.account.middleware.AccountMiddleware",
 ]
 if DEBUG:
     MIDDLEWARE.append("debug_toolbar.middleware.DebugToolbarMiddleware")
@@ -196,7 +199,10 @@ def cast_to_boolean(obj: Any) -> bool:
 EMAIL_USE_LOCALTIME = cast_to_boolean(os.getenv("DJANGO_EMAIL_USE_LOCALTIME", True))
 DEFAULT_FROM_EMAIL = os.getenv("DJANGO_DEFAULT_FROM_EMAIL", "noreply@noreply.com")
 
-AUTHENTICATION_BACKENDS = ("django.contrib.auth.backends.ModelBackend",)
+AUTHENTICATION_BACKENDS = (
+    "django.contrib.auth.backends.ModelBackend",
+    "allauth.account.auth_backends.AuthenticationBackend",
+)
 
 # For django-debug-toolbar
 INTERNAL_IPS = [
@@ -269,3 +275,10 @@ def cast_to_boolean(obj: Any) -> bool:
 INVITATIONS_SIGNUP_REDIRECT = "signup"
 INVITATIONS_CONFIRMATION_URL_NAME = "member_invite_accept"
 INVITATIONS_EMAIL_SUBJECT_PREFIX = "SORT"
+
+# AllAuth authentication options
+# https://docs.allauth.org/en/latest/account/configuration.html
+ACCOUNT_SIGNUP_FIELDS = ["email*", "password1*", "password2*"]
+ACCOUNT_LOGIN_METHODS = {"email"}
+ACCOUNT_USER_MODEL_USERNAME_FIELD = None
+ACCOUNT_EMAIL_VERIFICATION="mandatory"
diff --git a/SORT/urls.py b/SORT/urls.py
@@ -23,6 +23,7 @@
     path("admin/", admin.site.urls),
     path("", include("home.urls")),
     path("", include("survey.urls"), name="survey"),
+    path("accounts/", include("allauth.urls")),
 ]
 
 if settings.DEBUG:
diff --git a/home/templates/home/login.html b/home/templates/home/login.html
@@ -17,9 +17,12 @@
         <button type="submit" class="btn btn-primary w-100">Login</button>
     </form>
     <div class="text-center mt-3 small-text" style="font-size: 0.7rem;">
-        <div class="text-end mt-1 small-text">
+        <div class="text-center mt-2 small-text" style="font-size: 0.7rem;">
             <a href="{% url 'password_reset' %}" class="small">Forgot Password?</a>
         </div>
+        <div class="text-center mt-2 small-text" style="font-size: 0.7rem;">
+            <a href="{% url 'account_signup' %}" class="small">Don't have an account? Sign up</a>
+        </div>
     </div>
 
 {% endblock %}
diff --git a/requirements.txt b/requirements.txt
@@ -31,3 +31,4 @@ factory-boy==3.3.3
 django-crispy-forms==2.4
 crispy-bootstrap5==2025.4
 django-invitations==2.1.0
+django-allauth==65.9.0
diff --git a/static/templates/account/email_confirm.html b/static/templates/account/email_confirm.html
@@ -0,0 +1,46 @@
+{% extends "login_base.html" %}
+{% load static %}
+{% load django_bootstrap5 %}
+{% load i18n %}
+{% load account %}
+{% load allauth %}
+{% block head_title %}
+    {% trans "Confirm Email Address" %}
+{% endblock head_title %}
+{% block content %}
+    {% element h1 %}
+        {% trans "Confirm Email Address" %}
+    {% endelement %}
+    {% if confirmation %}
+        {% user_display confirmation.email_address.user as user_display %}
+        {% if can_confirm %}
+            {% element p %}
+                {% blocktrans with confirmation.email_address.email as email %}Please confirm that
+                    <a href="mailto:{{ email }}">{{ email }}</a> is your email address.
+                {% endblocktrans %}
+            {% endelement %}
+            {% url 'account_confirm_email' confirmation.key as action_url %}
+            {% element form method="post" action=action_url %}
+                {% slot actions %}
+                    {% csrf_token %}
+                    {{ redirect_field }}
+                    {% element button type="submit" %}
+                        📧
+                        {% trans 'Confirm' %}
+                    {% endelement %}
+                {% endslot %}
+            {% endelement %}
+        {% else %}
+            {% element p %}
+                {% blocktrans %}Unable to confirm {{ email }} because it is already confirmed by a different account.
+                {% endblocktrans %}
+            {% endelement %}
+        {% endif %}
+    {% else %}
+        {% url 'account_email' as email_url %}
+        {% element p %}
+            {% blocktrans %}This email confirmation link expired or is invalid. Please
+                <a href="{{ email_url }}">issue a new email confirmation request</a>.{% endblocktrans %}
+        {% endelement %}
+    {% endif %}
+{% endblock content %}
diff --git a/static/templates/account/signup.html b/static/templates/account/signup.html
@@ -0,0 +1,40 @@
+{% extends "login_base.html" %}
+{% load static %}
+{% load django_bootstrap5 %}
+
+{% block title %}Register{% endblock %}
+
+{% block content %}
+    <form method="POST">
+        {% csrf_token %}
+        {% for field in form %}
+            <div class="mb-3">
+                <label for="{{ field.id_for_label }}" class="form-label"
+                       style="text-align: right">{{ field.label }}</label>
+                <input type="{{ field.field.widget.input_type }}"
+                       class="form-control"
+                       id="{{ field.id_for_label }}"
+                       name="{{ field.name }}"
+                       value="{{ field.value|default:'' }}"
+                        {% if field.field.required %} required {% endif %} />
+                {% if field.errors %}
+                    <div class="text-center alert-danger mt-3 p-2" role="alert" style="font-size: 0.7rem">
+                        {{ field.errors|join:", " }}
+                    </div>
+                {% endif %}
+            </div>
+        {% endfor %}
+
+        <div class="form-check mb-3">
+            <input class="form-check-input" type="checkbox" id="is_manager" name="is_manager" required>
+            <label class="form-check-label" for="is_manager">
+                I confirm I am signing up to SORT as an account manager.
+            </label>
+        </div>
+
+        <button type="submit" class="btn btn-primary w-100">Register</button>
+    </form>
+    <div class="text-center mt-2 small-text" style="font-size: 0.7rem;">
+        <a href="{% url 'login' %}">Already have an account? Login here</a>
+    </div>
+{% endblock %}
diff --git a/static/templates/account/verification_sent.html b/static/templates/account/verification_sent.html
@@ -0,0 +1,14 @@
+{% extends "login_base.html" %}
+{% load i18n %}
+{% load allauth %}
+{% block title %}
+    {% trans "Verify Your Email Address" %}
+{% endblock title %}
+{% block content %}
+    {% element h1 %}
+        {% trans "Verify Your Email Address" %}
+    {% endelement %}
+    {% element p %}
+        {% blocktrans %}We have sent an email to you for verification. Follow the link provided to finalize the signup process. If you do not see the verification email in your main inbox, check your spam folder. Please contact us if you do not receive the verification email within a few minutes.{% endblocktrans %}
+    {% endelement %}
+{% endblock content %}
diff --git a/static/templates/account/verified_email_required.html b/static/templates/account/verified_email_required.html
@@ -0,0 +1,25 @@
+{% extends "login_base.html" %}
+{% load i18n %}
+{% load allauth %}
+{% block title %}
+    {% trans "Verify Your Email Address" %}
+{% endblock title %}
+{% block content %}
+    {% element h1 %}
+        {% trans "Verify Your Email Address" %}
+    {% endelement %}
+    {% url 'account_email' as email_url %}
+    {% element p %}
+        {% blocktrans %}This part of the site requires us to verify that
+you are who you claim to be. For this purpose, we require that you
+verify ownership of your email address. {% endblocktrans %}
+    {% endelement %}
+    {% element p %}
+        {% blocktrans %}We have sent an email to you for
+verification. Please click on the link inside that email. If you do not see the verification email in your main inbox, check your spam folder. Otherwise
+contact us if you do not receive it within a few minutes.{% endblocktrans %}
+    {% endelement %}
+    {% element p %}
+        {% blocktrans %}<strong>Note:</strong> you can still <a href="{{ email_url }}">change your email address</a>.{% endblocktrans %}
+    {% endelement %}
+{% endblock content %}
diff --git a/static/templates/allauth/elements/button.html b/static/templates/allauth/elements/button.html
@@ -0,0 +1,13 @@
+{% load allauth %}
+{% comment %} djlint:off {% endcomment %}
+<{% if attrs.href %}a href="{{ attrs.href }}"{% else %}button{% endif %}
+                      {% if attrs.form %}form="{{ attrs.form }}"{% endif %}
+                      {% if attrs.id %}id="{{ attrs.id }}"{% endif %}
+                      {% if attrs.name %}name="{{ attrs.name }}"{% endif %}
+                      {% if attrs.value %}value="{{ attrs.value }}"{% endif %}
+                      {% if attrs.type %}type="{{ attrs.type }}"{% endif %}
+                      class="btn btn-primary"
+>
+    {% slot %}
+    {% endslot %}
+    </{% if attrs.href %}a{% else %}button{% endif %}>

Original file line number	Diff line number	Diff line change
`@@ -23,6 +23,7 @@`
`23`	`23`	`path("admin/", admin.site.urls),`
`24`	`24`	`path("", include("home.urls")),`
`25`	`25`	`path("", include("survey.urls"), name="survey"),`
	`26`	`+ path("accounts/", include("allauth.urls")),`
`26`	`27`	`]`
`27`	`28`
`28`	`29`	`if settings.DEBUG:`