These docs are a work-in-progress and are currently undergoing a major rewrite!

Authentication

The built-in Django authentication systems can do a lot for you. With Forge, you get even more of the basics right out of the box.

Signup, login, password templates

There are a handful of Django auth templates that Forge has customized:

  • registration/login.html
  • registration/password_change_done.html
  • registration/password_change_form.html
  • registration/password_reset_complete.html
  • registration/password_reset_confirm.html
  • registration/password_reset_done.html
  • registration/password_reset_form.html

You can override these by putting a copy in your own templates.

Log in with email

The standard Django login forms ask for a username and password. For a lot of sites, the email address is really what people want to use and remember.

To enable that, we added a custom authentication backend:

AUTHENTICATION_BACKENDS = [
    "forge.authentication.EmailModelBackend",
    "django.contrib.auth.backends.ModelBackend",
]

Note that the email field needs to be unique if you do this, which is the default for the User model in the Forge quickstart.

OAuth

Using OAuth is a common flow for SaaS apps, but setting it up requires a few extra steps and is beyond what Forge can do for you.

We have two recommendations for libraries to use:

  • django-oauth-login - this is new, but maintained by us and built with Forge-like projects in mind
  • django-allauth - the popular solution, though sometimes overcomplicated

If you have questions about integrating OAuth, ask in GitHub Discussions.