I am using django 1.10 and django-allauth for authentication on my website.
For email/password (i.e. non social) login, I want to be able to place code to check the email - so that I DISALLOW signup from certain well known spammy domains.
So I want to incorporate logic like this:
BANNED_DOMAINS = ('foobar.com', 'foo.biz', 'example.')
def email_has_banned_domain(email):
found = False
for x in BANNED_DOMAINS:
if x in email:
found = True
break
return found
How do I then, incorporate this simple function to the allautrh workflow, to prevent singups from banned domains?
The usual way to customize the allauth flow is by defining a custom Adapter. The documentation doesn't list all the hooks, but a look at the source code shows a clean_email() method that should do what you want.
Validates an email value. You can hook into this if you want to (dynamically) restrict what email addresses can be chosen.
Something like this should work:
from allauth.account.adapter import DefaultAccountAdapter
class MyAdapter(DefaultAccountAdapter):
def clean_email(self, email):
email = super().clean_email(email)
if email_has_banned_domain(email):
raise forms.ValidationError("Your domain is bad.")
return email