These docs are a work-in-progress and are currently undergoing a major rewrite!

Authentication

The built-in Django authentication systems can do a lot for you. With Forge, you get even more of the basics right out of the box.

Signup, login, password templates

There are a handful of Django auth templates that Forge has customized:

  • registration/login.html
  • registration/password_change_done.html
  • registration/password_change_form.html
  • registration/password_reset_complete.html
  • registration/password_reset_confirm.html
  • registration/password_reset_done.html
  • registration/password_reset_form.html
  • registration/signup.html (not a part of Django by default)

These are included directly in your repo, so you can customize them as much as you want.

Log in with email

The standard Django login forms ask for a username and password. For a lot of sites, the email address is really what people want to use and remember.

To enable that, we added a custom authentication backend:

AUTHENTICATION_BACKENDS = [
    "forge.authentication.EmailModelBackend",
    "django.contrib.auth.backends.ModelBackend",
]

Note that the User.email field needs to be unique if you do this, which is the default for the User model in the Forge quickstart.

OAuth

Using OAuth is a common flow for SaaS apps, but setting it up requires a few extra steps and is beyond what Forge can do for you.

We have two recommendations for libraries to use:

  • forge-oauth - this is a new streamlined OAuth library maintained by us
  • django-allauth - the popular Django solution, though sometimes overcomplicated