django django-allauth django-rest-auth

Login permissible even though email address not verified


I am using Django rest-auth and allauth for registration functionality. After a user registers, an email should be sent that a user is required to click on before they become an active user.

Currently, the user is marked as is_active in the api_user table as soon as they register (no email verification was required and I was also able to log in).

I noticed the verified column in the account_emailaddress table is being updated correctly (set to 0 before email verification and 1 afterwards).

However, this does not seem to have any bearing on the is_active column in the api_user table.

These are my current Django settings:

AUTH_USER_MODEL = 'api.User'

ACCOUNT_USER_MODEL_USERNAME_FIELD = None
ACCOUNT_EMAIL_REQUIRED = True
ACCOUNT_USERNAME_REQUIRED = False
ACCOUNT_AUTHENTICATION_METHOD = 'email'
ACCOUNT_EMAIL_VERIFICATION = 'mandatory'

Would anyone know what I might not be doing? Any explanations as to how this should work are greatly appreciated.

Thanks for your help!


Solution

  • django-allauth does not change the value of is_active based on the email verification. According to their source code, they don't touch the is_active flag: https://github.com/pennersr/django-allauth/blob/master/allauth/account/views.py#L290
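
Because is_active and verified live in different tables and neither implies the other, a check has to read both. The following is an added example, not code from the original post or from django-allauth: it audits a constructed in-memory copy of api_user and account_emailaddress for active-but-unverified accounts. Column names other than is_active and verified, and the helper names, are assumptions.

```python
import sqlite3

# Constructed miniature of the two tables named in the question. Column names
# other than is_active and verified are assumptions (api_user is a custom model).
SCHEMA = """
CREATE TABLE api_user (id INTEGER PRIMARY KEY, email TEXT, is_active INTEGER);
CREATE TABLE account_emailaddress (
    id INTEGER PRIMARY KEY, user_id INTEGER REFERENCES api_user(id),
    email TEXT, verified INTEGER);
"""

# Users flagged is_active although none of their addresses is verified.
AUDIT_SQL = """
SELECT u.id, u.email FROM api_user AS u
WHERE u.is_active = 1
  AND NOT EXISTS (SELECT 1 FROM account_emailaddress AS e
                  WHERE e.user_id = u.id AND e.verified = 1)
ORDER BY u.id
"""

def build_sample_db():
    """In-memory database with constructed rows: one verified user, one
    unverified, one with no address row at all, one deactivated."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany("INSERT INTO api_user VALUES (?, ?, ?)", [
        (1, "verified@example.test", 1),
        (2, "pending@example.test", 1),
        (3, "norow@example.test", 1),
        (4, "disabled@example.test", 0),
    ])
    db.executemany("INSERT INTO account_emailaddress VALUES (?, ?, ?, ?)", [
        (1, 1, "verified@example.test", 1),
        (2, 2, "pending@example.test", 0),
        (3, 4, "disabled@example.test", 0),
    ])
    return db

def active_but_unverified(db):
    """Return (id, email) of active users lacking any verified address."""
    return db.execute(AUDIT_SQL).fetchall()

def login_allowed(db, user_id):
    """Gate on both flags, since neither table implies the other."""
    row = db.execute(
        "SELECT u.is_active AND EXISTS (SELECT 1 FROM account_emailaddress e "
        "WHERE e.user_id = u.id AND e.verified = 1) FROM api_user u WHERE u.id = ?",
        (user_id,)).fetchone()
    return bool(row and row[0])
```
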