Skip to main content

LoginForm

Handles user login with support for username, email, or phone-based authentication.

Fields

login
CharField | EmailField
Login identifier. Field type varies based on LOGIN_METHODS setting.
password
PasswordField
User password. Omitted if passwordless login is enabled.
remember
BooleanField
Remember me checkbox. Omitted if SESSION_REMEMBER is configured.

Constructor Parameters

request
HttpRequest
The HTTP request object.

Methods

user_credentials()

Returns credentials dictionary for authentication.
return
dict
Dictionary with login method and password (if applicable).
form = LoginForm(data=request.POST, request=request)
if form.is_valid():
    credentials = form.user_credentials()
    # {'email': '[email protected]', 'password': '...'}

login(request, redirect_url=None)

Performs the login action.
request
HttpRequest
The HTTP request object.
redirect_url
str
URL to redirect after login.
return
HttpResponse
Response object (redirect or stage flow).
if form.is_valid():
    return form.login(request, redirect_url='/dashboard/')

SignupForm

Handles user registration with configurable fields.

Fields

username
CharField
Username field. Presence depends on SIGNUP_FIELDS setting.
email
EmailField
Email field. Presence and requirement depends on SIGNUP_FIELDS setting.
email2
EmailField
Email confirmation field. Only if configured in SIGNUP_FIELDS.
password1
PasswordField
Password field. Omitted for passkey signup.
password2
PasswordField
Password confirmation. Only if configured in SIGNUP_FIELDS.
phone
CharField
Phone number field. Only if configured in SIGNUP_FIELDS.

Constructor Parameters

by_passkey
bool
default:"False"
Whether this is a passkey-based signup.
email_required
bool
Override email field requirement.
username_required
bool
Override username field requirement.

Methods

validate_unique_email(value)

Validates email uniqueness and handles enumeration prevention.
value
str
Email address to validate.
return
str
Returns the validated email.

try_save(request)

Attempts to save the user, handling account conflicts.
request
HttpRequest
The HTTP request object.
return
tuple
Returns (user, response) tuple. Response is set if enumeration prevention triggered.
form = SignupForm(data=request.POST)
if form.is_valid():
    user, response = form.try_save(request)
    if response:
        return response  # Enumeration prevention response
    # Continue with user...

save(request)

Creates and saves the new user.
request
HttpRequest
The HTTP request object.
return
User
Returns the created user object.

custom_signup(request, user)

Hook for custom signup logic. Override in subclasses.
request
HttpRequest
The HTTP request object.
user
User
The newly created user.
class MySignupForm(SignupForm):
    def custom_signup(self, request, user):
        # Custom logic here
        user.profile.send_welcome_email()

AddEmailForm

Form for adding additional email addresses to an account.

Fields

email
EmailField
required
The email address to add.

Constructor Parameters

user
User
The user adding the email address.

Methods

save(request)

Adds the email address to the user’s account.
request
HttpRequest
The HTTP request object.
return
EmailAddress
Returns the created EmailAddress object.
form = AddEmailForm(data={'email': '[email protected]'}, user=request.user)
if form.is_valid():
    email_address = form.save(request)

ChangePasswordForm

Form for changing password when user knows their current password.

Fields

oldpassword
PasswordField
Current password.
password1
SetPasswordField
New password.
password2
PasswordField
New password confirmation.

Constructor Parameters

user
User
The user changing their password.

Methods

save()

Changes the user’s password. 
form = ChangePasswordForm(data=request.POST, user=request.user)
if form.is_valid():
    form.save()

SetPasswordForm

Form for setting password when user doesn’t have a usable password.

Fields

password1
SetPasswordField
New password.
password2
PasswordField
Password confirmation.

Constructor Parameters

user
User
The user setting their password.

Methods

save()

Sets the user’s password. 
form = SetPasswordForm(data=request.POST, user=request.user)
if form.is_valid():
    form.save()

ResetPasswordForm

Form for requesting a password reset.

Fields

email
EmailField
required
Email address to send reset link to.

Methods

save(request, **kwargs)

Initiates password reset flow.
request
HttpRequest
The HTTP request object.
token_generator
PasswordResetTokenGenerator
Custom token generator.
return
str
Returns the email address.
form = ResetPasswordForm(data={'email': '[email protected]'})
if form.is_valid():
    email = form.save(request)

ResetPasswordKeyForm

Form for completing password reset with a key/token.

Fields

password1
SetPasswordField
New password.
password2
PasswordField
Password confirmation.

Constructor Parameters

user
User
The user resetting their password.
temp_key
str
The temporary reset key.

Methods

save()

Resets the user’s password. 
form = ResetPasswordKeyForm(
    data=request.POST,
    user=reset_user,
    temp_key=key
)
if form.is_valid():
    form.save()

RequestLoginCodeForm

Form for requesting a login code (passwordless login).

Fields

email
EmailField
Email to send code to. Required if phone not enabled.
phone
CharField
Phone to send code to. Only present if phone login enabled.

Usage

form = RequestLoginCodeForm(data=request.POST)
if form.is_valid():
    # Code sending is handled by the view
    pass

ConfirmLoginCodeForm

Form for verifying a login code.

Fields

code
CharField
The verification code.

Constructor Parameters

code
str
Expected code for validation.
form = ConfirmLoginCodeForm(data=request.POST, code=expected_code)
if form.is_valid():
    # Code is valid
    pass

ReauthenticateForm

Form for reauthenticating an already logged-in user.

Fields

password
PasswordField
Current password for verification.

Constructor Parameters

user
User
The user to reauthenticate.
form = ReauthenticateForm(data=request.POST, user=request.user)
if form.is_valid():
    # User reauthenticated successfully
    pass

ChangeEmailForm

Form for changing email address with verification.

Fields

email
EmailField
required
New email address.

Constructor Parameters

email
str
Current email address.
form = ChangeEmailForm(data=request.POST, email=current_email)
if form.is_valid():
    new_email = form.cleaned_data['email']

ChangePhoneForm

Form for changing phone number with verification.

Fields

phone
CharField
required
New phone number.

Constructor Parameters

user
User
The user changing their phone.
phone
str
Current phone number.
form = ChangePhoneForm(data=request.POST, user=request.user, phone=current_phone)
if form.is_valid():
    new_phone = form.cleaned_data['phone']

Usage Examples

Custom Signup Form

from allauth.account.forms import SignupForm
from django import forms

class MySignupForm(SignupForm):
    first_name = forms.CharField(max_length=30, required=True)
    last_name = forms.CharField(max_length=30, required=True)
    
    def custom_signup(self, request, user):
        user.first_name = self.cleaned_data['first_name']
        user.last_name = self.cleaned_data['last_name']
        user.save()

Password Change Flow

from allauth.account.forms import ChangePasswordForm

# In view
if request.user.has_usable_password():
    form = ChangePasswordForm(data=request.POST, user=request.user)
else:
    form = SetPasswordForm(data=request.POST, user=request.user)

if form.is_valid():
    form.save()

Email Management

from allauth.account.forms import AddEmailForm
from allauth.account.models import EmailAddress

# Add email
form = AddEmailForm(data={'email': '[email protected]'}, user=request.user)
if form.is_valid():
    email_address = form.save(request)
    
# List user emails
emails = EmailAddress.objects.filter(user=request.user)

Build docs developers (and LLMs) love

Get started for freeTalk to us