| Some Configurations | Handy basic settings that go with Django-Allauth (that I use most of the time). For more configuration options, see Configurations |
| ACCOUNT_AUTHENTICATION_METHOD (=”username” or “email” or “username_email”) | Specifies the login method to use – whether the user logs in by entering their username, e-mail address, or either one of both. Setting this to “email” requires ACCOUNT_EMAIL_REQUIRED=True |
| ACCOUNT_EMAIL_CONFIRMATION_EXPIRE_DAYS (=3) | Determines the expiration date of email confirmation mails (# of days). |
| ACCOUNT_EMAIL_REQUIRED (=False) | The user is required to hand over an e-mail address when signing up. This goes in tandem with the ACCOUNT_AUTHENTICATION_METHOD setting |
| ACCOUNT_EMAIL_VERIFICATION (=”optional”) | Determines the e-mail verification method during signup – choose one of "mandatory", "optional", or "none". When set to “mandatory” the user is blocked from logging in until the email address is verified. Choose “optional” or “none” to allow logins with an unverified e-mail address. In case of “optional”, the e-mail verification mail is still sent, whereas in case of “none” no e-mail verification mails are sent. |
| ACCOUNT_LOGIN_ATTEMPTS_LIMIT (=5) | Number of failed login attempts. When this number is exceeded, the user is prohibited from logging in for the specified ACCOUNT_LOGIN_ATTEMPTS_TIMEOUT seconds. While this protects the allauth login view, it does not protect Django’s admin login from being brute forced. |
| ACCOUNT_LOGOUT_ON_PASSWORD_CHANGE (=False) | Determines whether or not the user is automatically logged out after changing or setting their password. |
| SOCIALACCOUNT_PROVIDERS (= dict) | Dictionary containing provider specific settings. |
