ceno980

Reputation: 2011

Django: User able to sign up in custom registration form even if the email address is already used by another user

In my web app, I have a custom registration and login form which I made using HTML/CSS and not Django's form.as_p and Bootstrap. I have the following code in views.py:

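from django.contrib.auth import authenticate, login, logout
from django.shortcuts import redirect, render

from .models import CustomUser  # assumes models.py is in the same app

def loginUser(request):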
    logout(request)
    if request.POST:
        username = request.POST['username']
        password = request.POST['password']
        user = authenticate(username=username, password=password)
        if user is not None:
            login(request, user)
            return redirect('/dashboard/')
        #otherwise show the user an error message
        else:
            login_message = "Your username or password is incorrect."
            return render(request, 'Meetings/index.html', {'login_message': login_message})
    return render(request, 'Meetings/index.html')

def signUp(request):
    if request.POST:
        username = request.POST['username']
        email = request.POST['email']
        password = request.POST['password']
        password_confirm = request.POST['password-confirm']
        if(valid_form(username, email, password, password_confirm)):
            #create the new user
            user = CustomUser(name=username, email=email, username=username)
            user.set_password(password)
            user.save()
            user = authenticate(username=username, password=password)
            login(request, user)
            return redirect('/dashboard/')
        else:
            message = "Something went wrong."
            return render(request, 'Meetings/index.html', {'message': message})
    return render(request, 'Meetings/index.html')

I have a CustomUser model in models.py:

from django.contrib.auth.models import AbstractUser
from django.db import models

class CustomUser(AbstractUser):
    id = models.AutoField(primary_key=True)
    name = models.CharField(max_length=200, null=True)
    email = models.EmailField(max_length=70, null=True)
    password = models.CharField(max_length=50, null=True)

When a user signs up, a CustomUser is created and they are logged in to the app. However, if another user signs up using an email address that is already taken by another existing user, they are still able to make an account. I want it to be such that each user must have a unique email address, and they cannot make an account with an email address that is already in use. However, I am not sure how to do this. Any insights are appreciated.

Upvotes: 0

Views: 109

Answers (6)

Erfan

Reputation: 379

Why do you want to define the email field again? Your class inherits from AbstractUser, which has the email field you want. You just add the extra fields you want to the basic user model, and in your settings.py file set the default user authentication model to the new class that you created, like below:

    AUTH_USER_MODEL = 'appname.CustomUser'

Upvotes: 1

Saraswatendra Singh

Reputation: 154

You have inherited AbstractUser in your CustomUser class, so by default the AbstractUser class has unique=True for the username field but not for the email field. If you need the email field to be unique, then you have to define it in the CustomUser class like:

email = models.EmailField(max_length=70, unique=True)

or do the validation in your logic code (view.py) like:

if CustomUser.objects.filter(email=email).exists():
    # Reject the sign-up when another account already uses this address
    messages = 'Error:This email is already being used with us.'
    return render(request, 'Meetings/index.html', {'message': messages})

Upvotes: 2

Hamza Lachi

Reputation: 1064

Try this:

   if User.objects.filter(email=email).exists():
      messages.error(request, 'That email is being used')
      return redirect('register')

Upvotes: 1

bmons

Reputation: 3392

You can add this clause to your code to restrict the user using two emails:

if User.objects.filter(email=email).exists():
    messages.error(request, 'That email is being used')
    return redirect('register')
else:
    pass  # otherwise continue with creating the user

Import the User from settings.AUTH_USER_MODEL.

Upvotes: 1

CR Python

Reputation: 146

For one, in the model, this field needs the unique=True property, as well as running a queryset that sees if the user exists:

User.objects.filter(email=email).exists()

and rejecting the update if it does.

So basically combine the answers of the other two posters and you will be in line with best practice!

Upvotes: 0
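The combination the answers above describe, as an added example that is not from any of the posters: the `exists()` pre-check gives a friendly message, but two sign-ups arriving together can both pass it, so the unique constraint has to decide and the insert must handle the integrity error. It uses the standard library's sqlite3 in place of the Django ORM so it runs stand-alone; the table, function names and addresses are constructed, and lowercasing the address is an assumption of this example.

```python
import sqlite3

def make_db(unique_email):
    """In-memory users table; unique_email mirrors unique=True on the model field."""
    db = sqlite3.connect(":memory:")
    constraint = "UNIQUE" if unique_email else ""  # fixed keyword, not user input
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, "
               f"username TEXT UNIQUE, email TEXT {constraint})")
    return db

def normalize(email):
    # Assumption of this example: addresses that differ only by case or
    # surrounding whitespace belong to the same account.
    return email.strip().lower()

def email_taken(db, email):
    """View-level pre-check, the equivalent of filter(email=...).exists()."""
    row = db.execute("SELECT 1 FROM users WHERE email = ?",
                     (normalize(email),)).fetchone()
    return row is not None

def create_user(db, username, email):
    """Insert the user; the database constraint has the final say."""
    try:
        with db:  # commits on success, rolls back on error
            db.execute("INSERT INTO users (username, email) VALUES (?, ?)",
                       (username, normalize(email)))
        return True
    except sqlite3.IntegrityError:
        return False  # a duplicate slipped past the pre-check

def racing_signups(db):
    """Two requests both run the pre-check before either one inserts."""
    a_ok = not email_taken(db, "kim@example.com")
    b_ok = not email_taken(db, "Kim@Example.com ")
    created = [a_ok and create_user(db, "kim", "kim@example.com"),
               b_ok and create_user(db, "kim2", "Kim@Example.com ")]
    count = db.execute("SELECT COUNT(*) FROM users").fetchone()[0]
    return created, count

if __name__ == "__main__":
    print("pre-check only:    ", racing_signups(make_db(unique_email=False)))
    print("pre-check + UNIQUE:", racing_signups(make_db(unique_email=True)))
```

In the Django view the same shape is `unique=True` on the field plus catching `django.db.IntegrityError` around `user.save()`.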

MR-DS

Reputation: 102

Change the email field to include unique=True

email = models.EmailField(max_length=70, null=True,unique=True)

You will have to run your migrations again, I believe.

Upvotes: 0
