django-allauth: How to set user to active only after e-mail verification

Question

I'm using django-allauth primarily as a way to create user accounts for the admin backend. What I would like to have happen is:

1) When a user goes through the sign up procedure, send out the verification e-mail (I have this working so far) and set the user as inactive, staff, and with the "SurveyManager" group assigned to them by defult. Currently, the user is created with active set to true, staff set to false, and no groups assigned.

2) After clicking the link in their e-mail to verify their address, I'd like the user to be set to active, so they can then log in through the admin backend.

My specific problem is that I don't know: 1) how or where to set the defaults for active, staff, and group of the user -- I imagine this would be done in a models.py file, but it's my understanding that the user model is contained in the auth app; and 2) how to trigger the code to change the user active flag to true once the e-mail verification is complete.

Thanks in advance -- sorry if this is a poorly-created post, it's my first!

Answer 1

I seemed to have (mostly) resolved my issue by using signals. This post gave me the idea (but unfortunately didn't provide any code examples), while this site gave me some actual concrete examples to modify (something I've found to be a rare commodity in the Django world).

I ended up putting the following code in my page's view.py file -- I know models.py is recommended for signals, but the models being used in question are actually from the allauth package:

from allauth.account.signals import user_signed_up, email_confirmed
from django.dispatch import receiver
from django.contrib.auth.models import Group
from django.contrib.auth.models import User
from allauth.account.models import EmailAddress

@receiver(user_signed_up)
def user_signed_up_(request, user, **kwargs):

    user.is_active = False
    user.is_staff = True
    Group.objects.get(name='SurveyManager').user_set.add(user)

    user.save()

@receiver(email_confirmed)
def email_confirmed_(request, email_address, **kwargs):

    new_email_address = EmailAddress.objects.get(email=email_address)
    user = User.objects.get(new_email_address.user)
    user.is_active = True

    user.save()

The only thing that isn't quite working yet is the email_confirmed signal processing -- it's claiming "EmailAddress matching query does not exist", when it clearly does match in the database entries, but I'll go ahead and post that in a separate question.

Answer 2

ACCOUNT_EMAIL_VERIFICATION (=”optional”) Determines the e-mail verification method during signup – choose one of “mandatory”, “optional”, or “none”. When set to “mandatory” the user is blocked from logging in until the email address is verified. Choose “optional” or “none” to allow logins with an unverified e-mail address. In case of “optional”, the e-mail verification mail is still sent, whereas in case of “none” no e-mail verification mails are sent.