Reputation: 153
Send activation code by email after registration instead of URL
As we seen in different websites, After user's sign-up it sends an activation code with 6/5 character to user's email. User should submit the code in the website to activate their account. I am trying to do the same thing but can't figure it out how to do it in django-rest-framework using djoser.
Currently, I am using Djoser for registration and activation. Djoser sends activation URL in the email; which activates the account when clicked on and It's working fine.
How can I can send a 6 character alphanumeric code for activation to the user, instead of sending the whole URL?
I'm using: django-rest-framework, django-rest-framework-jwt, djoser
Upvotes: 4
Views: 3825
Answers (3)
Reputation: 6549
I've used a variation of the following in projects:
# models.py
import random
from django.conf import settings
from django.db import models
def generate_activation_code():
return ''.join(random.choice(string.ascii_uppercase + string.digits) for x in range(6))
class ActivationCode(models.Model):
user = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.PROTECT)
code = models.CharField(max_length=6, default=generate_activation_code)
# views.py
from django.http import Http404
def register_user(request):
# create your `new_user` however you see fit
code = ActivationCode.objects.create(user=new_user)
send_mail(
'Activate Your Account',
'Here is the activation code: %s' % code,
'[email protected]',
[user.email]
)
render(request, 'activation_sent.html')
def check_activation_code(request, code):
try:
ActivationCode.objects.get(code=code)
# ... All set, activate & login the user, & delete the activation code
except ActivationCode.DoesNotExist:
raise Http404
return render(request, 'welcome.html')
Enhancements could include adding an expiry date to the ActivationCode that you check in the view, and/or a management job to clean old codes.
Upvotes: 2
Reputation: 1397
Instead of creating a random value, encode some unique user data and append it to the url. like this
import jwt
data = {'email' : "[email protected]"} # Some unique field for reference
secret_key = "test"
algorithm = "HS256" # You can use MD5 or whatever you want
jwt.encode(data, secret_key, algorithm)
After they click the mail activation url you can decode and validate the unique field in Database. For this you don't want save the code in DB. It's my suggestion
Upvotes: 1
Reputation: 393
You can generate 6 digit random number:
import random
codeval = random.randint(111111,999999)
And send it with email. And you can keep exact the same copy of the random number. And when user will give his number. You can match it with the stored one. If it matches then you will activate the user profile.
Upvotes: -1
Related Questions
- registration with email verification with dj-rest-auth
- How to handle activation url with Django Djoser?
- Djoser user activation email POST example
- djoser activate account by link
- Accounts activation with Djoser and Django Rest Framework
- Django-rest-framework will not send user registration activation email
- send activate-email with django-registration
- Code for sending activation data back to django server from email
- django registration custom send activation email
- Pass success_url to the activate