django-allauth关于Configuration的中译_django-allauth 中文-优快云博客

本文是作者对django-allauth 0.32.0中Configuration文档的翻译和整理，主要涵盖了用户登录验证、电子邮件确认、注册流程等多个设置项，旨在帮助开发者更好地理解和使用django-allauth。内容包括ACCOUNT_AUTHENTICATION_METHOD、ACCOUNT_EMAIL_CONFIRMATION_EXPIRE_DAYS等关键设置的解释和用途。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

前言

最近工作中会涉及到第三方注册登录等身份验证的问题，因此简略阅读了django-allauth 0.32.0的英文文档。其中，关于Configuration文档讲述的内容细琐而繁多，所以趁着工作之闲，整理翻译其中的内容，既作为工作学习的记录，也能方便日后工作所需。作为技术还处于入门级程序员并且也是人生中写的第一篇博客，希望能给大家在使用django-allauth过程中提供一些便利。下文对英文文档翻译如有误之处，也十分欢迎大家的及时指正。

整理总结可以关注的设置项：

ACCOUNT_AUTHENTICATION_METHOD (="username" | "email" | "username_email")：指定要使用的登录方法（用户名、电子邮件地址或两者之一）

ACCOUNT_EMAIL_CONFIRMATION_EXPIRE_DAYS (=3)：邮件确认邮件的截止日期(天数)

ACCOUNT_EMAIL_VERIFICATION (="optional")：注册中邮件验证方法:“强制（mandatory）”,“可选（optional）”或“否（none）”之一

ACCOUNT_EMAIL_CONFIRMATION_COOLDOWN (=180)：邮件发送后的冷却时间(以秒为单位)

ACCOUNT_LOGIN_ATTEMPTS_LIMIT (=5)：登录尝试失败的次数

ACCOUNT_LOGIN_ATTEMPTS_TIMEOUT (=300)：从上次失败的登录尝试，用户被禁止尝试登录的持续时间

ACCOUNT_LOGIN_ON_EMAIL_CONFIRMATION (=False)：更改为True，用户一旦确认他们的电子邮件地址，就会自动登录

ACCOUNT_LOGOUT_ON_PASSWORD_CHANGE (=False)：更改或设置密码后是否自动退出

ACCOUNT_LOGIN_ON_PASSWORD_RESET (=False)：更改为True，用户将在重置密码后自动登录

ACCOUNT_SESSION_REMEMBER (=None)：控制会话的生命周期，可选项还有:False,True

ACCOUNT_SIGNUP_EMAIL_ENTER_TWICE (=False):键入电子邮件地址两次以避免输入错误

ACCOUNT_SIGNUP_PASSWORD_ENTER_TWICE (=True):输入密码两次以避免输入错误

ACCOUNT_USERNAME_BLACKLIST (=[]):用户不能使用的用户名列表

ACCOUNT_UNIQUE_EMAIL (=True)：加强电子邮件地址的唯一性

ACCOUNT_USERNAME_MIN_LENGTH (=1)：用户名允许的最小长度的整数

SOCIALACCOUNT_AUTO_SIGNUP (=True)：使用从社会帐户提供者检索的字段(如用户名、邮件)来绕过注册表单

SOCIALACCOUNT_STORE_TOKENS (=True)：指示访问令牌是否存储在数据库中

（更多设置项可以查看以下译文...）

文档译文

Configuration

Available settings:

ACCOUNT_ADAPTER (="allauth.account.adapter.DefaultAccountAdapter")

Specifies the adapter class to use, allowing you to alter certain default behaviour.

指定要使用的适配器类，允许更改某些特定默认的行为。

ACCOUNT_AUTHENTICATED_LOGIN_REDIRECTS (=True)

The default behaviour is to redirect authenticated users to LOGIN_REDIRECT_URL when they try accessing login/signup pages.

默认行为是当用户尝试访问登录/注册页面时，将经过身份验证的用户重定向到LOGIN_REDIRECT_URL。

By changing this setting to False, logged in users will not be redirected when they access login/signup pages.

通过将此设置更改为False，在用户访问登录/注册页面时将不会重定向登录用户。

ACCOUNT_AUTHENTICATION_METHOD (="username" | "email" | "username_email")

Specifies the login method to use – whether the user logs in by entering their username, e-mail address, or either one of both. Setting this to "email" requires ACCOUNT_EMAIL_REQUIRED=True.

指定要使用的登录方法——用户是否通过输入他们的用户名、电子邮件地址或两者之一来登录。将其设置为"email"需要设置ACCOUNT_EMAIL_REQUIRED=True。

ACCOUNT_CONFIRM_EMAIL_ON_GET (=False)

Determines whether or not an e-mail address is automatically confirmed by a GET request. GET is not designed to modify the server state, though it is commonly used for email confirmation. To avoid requiring user interaction,consider using POST via Javascript in your email confirmation template as an alternative to setting this to True.

确定是否通过GET请求自动确认电子邮件地址。GET不是用来修改服务器状态的，尽管它通常用于电子邮件确认。为了避免需要用户交互，可以考虑在电子邮件确认模板中通过Javascript使用POST方式作为可选项，将其设置为True。

ACCOUNT_EMAIL_CONFIRMATION_ANONYMOUS_REDIRECT_URL (=settings.LOGIN_URL)

The URL to redirect to after a successful e-mail confirmation, in case no user is logged in.

在成功的电子邮件确认后重定向的URL，以防没有用户登录。

ACCOUNT_EMAIL_CONFIRMATION_AUTHENTICATED_REDIRECT_URL (=None)

The URL to redirect to after a successful e-mail confirmation, in case of an authenticated user. Set to None to use settings.LOGIN_REDIRECT_URL.

在成功的电子邮件确认后重定向的URL，以验证用户的身份。设置为None使用settings.LOGIN_REDIRECT_URL。

ACCOUNT_EMAIL_CONFIRMATION_EXPIRE_DAYS (=3)

Determines the expiration date of email confirmation mails (# of days).

确定邮件确认邮件的截止日期(天数)。

ACCOUNT_EMAIL_CONFIRMATION_HMAC (=True)

In order to verify an email address a key is mailed identifying the email address to be verified. In previous versions, a record was stored in the database for each ongoing email confirmation, keeping track of these keys. Current versions use HMAC based keys that do not require server side state.

为了验证电子邮件地址，一个密钥被邮寄来识别要验证的电子邮件地址（译者注：即通过邮件确认邮件地址）。在以前的版本中，记录存储在数据库中，用于每一个正在进行的电子邮件确认，跟踪这些键。当前版本使用基于HMAC的键，不需要服务器端状态。

ACCOUNT_EMAIL_REQUIRED (=False)

The user is required to hand over an e-mail address when signing up.

注册时，用户需要提交电子邮件地址。

ACCOUNT_EMAIL_VERIFICATION (="optional")

Determines the e-mail verification method during sign up – choose one of "mandatory", "optional", or "none". When set to "mandatory" the user is blocked from logging in until the email address is verified. Choose "optional" or "none" to allow logins with an unverified e-mail address. In case of "optional", the e-mail verification mail is still sent, whereas in case of “none” no e-mail verification mails are sent.

确定注册过程中的电子邮件验证方法-选择“强制”、“可选”或“否”之一。当设置为“强制”时，用户被阻止登录，直到验证电子邮件地址。选择“可选”或“无”以允许使用未经验证的电子邮件地址登录。在“可选”的情况下，E-mail验证邮件仍然被发送，而在“没有”的情况下，没有发送电子邮件验证邮件。

ACCOUNT_EMAIL_SUBJECT_PREFIX (="[Site]")

Subject-line prefix to use for email messages sent. By default, the name of the current Site (django.contrib.sites) is used.

用于发送电子邮件的主题行前缀。默认情况下，使用当前站点的名称(django.mentb.sites)。

ACCOUNT_DEFAULT_HTTP_PROTOCOL (="http")

The default protocol used for when generating URLs, e.g. for the password forgotten procedure. Note that this is a default only –see the section on HTTPS for more information.

用于生成url时使用的默认协议，例如用于密码遗忘过程。请注意，这只是一个默认值——请参阅HTTPS中的部分以获得更多信息。

ACCOUNT_EMAIL_CONFIRMATION_COOLDOWN (=180)

The cooldown period (in seconds) after a confirmation email is sent, during which further emails are not sent.

确认邮件发送后的冷却时间(以秒为单位)，在此期间未发送进一步的邮件。

ACCOUNT_EMAIL_MAX_LENGTH(=254)

Maximum length of the email field. You won't need to alter this unless using MySQL with the InnoDB storage engine and the utf8mb4 charset, and only in versions lower than 5.7.7, because the default InnoDB settings don't allow indexes bigger than 767 bytes. When using utf8mb4, characters are 4-bytes wide, so at maximum column indexes can be 191 characters long (767/4).Unfortunately Django doesn't allow specifying index lengths, so the solution is to reduce the length in characters of indexed text fields.More information can be found at MySQL’s documentation on converting between3-byte and 4-byte Unicode character sets.

邮件字段的最大长度。除非使用InnoDB存储引擎和utf8mb4字符集，并且只在低于5.7.7的版本中使用MySQL，否则您不需要更改此设置，因为默认的InnoDB设置不允许超过767字节的索引。当使用utf8mb4时，字符是4字节宽，因此在最大列索引中可以有191个字符长(767/4)。不幸的是，Django不允许指定索引长度，因此解决方案是减少索引文本字段的字符长度。更多的信息可以在MySQL的文档中找到，转换为3字节和4字节的Unicode字符集。

ACCOUNT_FORMS (={})

Used to override forms（用于覆盖表单）, for example: {'login': 'myapp.forms.LoginForm'}

Possible keys (and default values):

add_email: allauth.account.forms.AddEmailForm
change_password: allauth.account.forms.ChangePasswordForm
disconnect: allauth.socialaccount.forms.DisconnectForm
login: allauth.account.forms.LoginForm
reset_password: allauth.account.forms.ResetPasswordForm
reset_password_from_key: allauth.account.forms.ResetPasswordKeyForm
set_password: allauth.account.forms.SetPasswordForm
signup: allauth.account.forms.SignupForm
signup: allauth.socialaccount.forms.SignupForm

ACCOUNT_LOGIN_ATTEMPTS_LIMIT (=5)

Number of failed login attempts. When this number is exceeded, the user is prohibited from logging in for the specified ACCOUNT_LOGIN_ATTEMPTS_TIMEOUT seconds. Set to None to disable this functionality. Important: while this protects the allauth login view, it does not protect Django's admin login from being brute forced.

登录尝试失败的次数。当超过这个数字时，用户将被禁止登录到指定的account_login_tryts_timeout秒。设置为None以禁用此功能。重要:虽然这保护了allauth登录视图，但它并没有保护Django的admin登录。

ACCOUNT_LOGIN_ATTEMPTS_TIMEOUT (=300)

Time period, in seconds, from last unsuccessful login attempt, during which the user is prohibited from trying to log in.

时间，以秒为单位，从上次失败的登录尝试，在用户被禁止尝试登录的持续时间。

ACCOUNT_LOGIN_ON_EMAIL_CONFIRMATION (=False)

The default behaviour is not log users in and to redirect them to ACCOUNT_EMAIL_CONFIRMATION_ANONYMOUS_REDIRECT_URL.

默认行为不是登录用户而是将其重定向到ACCOUNT_EMAIL_CONFIRMATION_ANONYMOUS_REDIRECT_URL。

By changing this setting to True, users will automatically be logged in once they confirm their email address. Note however that this only works when confirming the email address immediately after signing up, assuming users didn’t close their browser or used some sort of private browsing mode.

通过将该设置更改为True，用户一旦确认他们的电子邮件地址，就会自动登录。但请注意，这只在注册后立即确认电子邮件地址的时候有效，如假设用户没有关闭浏览器或使用某种隐私浏览模式。

ACCOUNT_LOGOUT_ON_GET (=False)

Determines whether or not the user is automatically logged out by a GET request. GET is not designed to modify the server state, and in this case it can be dangerous. See LogoutView in the documentation for details.

确定是否由GET请求自动注销用户。GET不是用来修改服务器状态的，在这种情况下它可能是危险的。有关详细信息，请参阅文档中的LogoutView。

ACCOUNT_LOGOUT_ON_PASSWORD_CHANGE (=False)

Determines whether or not the user is automatically logged out after changing or setting their password. See documentation for Django’s session invalidation on password change.

确定用户在更改或设置密码后是否自动退出。请参阅Django的会话失效密码更改的文档。

ACCOUNT_LOGIN_ON_PASSWORD_RESET (=False)

By changing this setting to True, users will automatically be logged in once they have reset their password. By default they are redirected to the password reset done page.

通过将该设置更改为True，用户将在重置密码后自动登录。默认情况下，它们被重定向到密码重置完成的页面。

ACCOUNT_LOGOUT_REDIRECT_URL (="/")

The URL (or URL name) to return to after the user logs out. This is the counterpart to Django's LOGIN_REDIRECT_URL.

在用户注销后返回的URL(或URL名称)。这与Django的LOGIN_REDIRECT_URL对应。

ACCOUNT_PASSWORD_INPUT_RENDER_VALUE (=False)

render_value parameter as passed to PasswordInput fields.

将render_value参数传递给PasswordInput字段。

ACCOUNT_PRESERVE_USERNAME_CASING (=True)

This setting determines whether the username is stored in lowercase(False) or whether its casing is to be preserved (True). Note that when casing is preserved, potentially expensive __iexact lookups are performed when filter on username. For now, the default is set to True to maintain backwards compatibility.

此设置确定用户名是否存储为小写(False)，或其外壳是否保存(True)。注意，当外壳被保存时，在过滤用户名时执行可能昂贵的 __iexac 精确查找。目前，默认设置为True，以保持向后兼容性。

ACCOUNT_SESSION_REMEMBER (=None)

Controls the life time of the session. Set to None to ask the user( "Remember me?" ), False to not remember, and True to always remember.

控制会话的生命周期。设置为"None"向用户询问(“记得我吗?”)，设置为"False"则为不记得，设置为"True"为永远记住。

ACCOUNT_SIGNUP_EMAIL_ENTER_TWICE (=False)

When signing up, let the user type in their email address twice to avoid typo's.

在注册时，让用户键入他们的电子邮件地址两次以避免输入错误。

ACCOUNT_SIGNUP_FORM_CLASS (=None)

A string pointing to a custom form class(e.g. 'myapp.forms.SignupForm') that is used during signup to ask the user for additional input (e.g. newsletter signup, birthdate). This class should implement a def signup(self, request, user)method, where user represents the newly signed up user.

指向自定义表格类的字符串(例如:"myapp.forms.SignupForm")在注册时使用，以询问用户是否需要额外的输入(例如:通讯注册、生日)。这个类应该实现def signup(self, request, user)方法，其中用户代表新注册的用户。

ACCOUNT_SIGNUP_PASSWORD_ENTER_TWICE (=True)

When signing up, let the user type in their password twice to avoid typos.

注册时，让用户输入密码两次以避免输入错误。

ACCOUNT_TEMPLATE_EXTENSION (="html")

A string defining the template extension to use, defaults to html.

定义用于使用的模板扩展的字符串，默认为html。

ACCOUNT_USERNAME_BLACKLIST (=[])

A list of usernames that can’t be used by user.

用户不能使用的用户名列表。

ACCOUNT_UNIQUE_EMAIL (=True)

Enforce uniqueness of e-mail addresses. The emailaddress.email model field is set to UNIQUE. Forms prevent a user from registering with or adding an additional email address if that email address is in use by another account.

加强电子邮件地址的唯一性。emailaddress.email电子邮件模型字段设置为唯一。表单阻止用户注册或添加额外的电子邮件地址，如果该电子邮件地址被另一个帐户使用。

ACCOUNT_USER_DISPLAY (=a callable returning user.username)

A callable (or string of the form 'some.module.callable_name')that takes a user as its only argument and returns the display name of the user. The default implementation returns user.username.

以用户为唯一参数，并返回用户的显示名称的可调用的(或字符串形式'some.module.callable_name')。默认实现返回user.username。

ACCOUNT_USER_MODEL_EMAIL_FIELD (="email")

The name of the field containing the email, if any. See custom user models.

包含邮件的字段的名称，如果有的话。查看自定义用户模型。

ACCOUNT_USER_MODEL_USERNAME_FIELD (="username")

The name of the field containing the username, if any. See custom user models.

包含用户名的字段的名称，如果有的话。查看自定义用户模型。

ACCOUNT_USERNAME_MIN_LENGTH (=1)

An integer specifying the minimum allowed length of a username.

指定用户名允许的最小长度的整数。

ACCOUNT_USERNAME_REQUIRED (=True)

The user is required to enter a username when signing up. Note that the user will be asked to do so even if ACCOUNT_AUTHENTICATION_METHOD is set to email. Set to False when you do not wish to prompt the user to enter a username.

用户在注册时需要输入用户名。注意，即使ACCOUNT_AUTHENTICATION_METHOD设置为电子邮件，用户也会被要求这样做。设置为False时，您不希望提示用户输入用户名。

ACCOUNT_USERNAME_VALIDATORS (=None)

A path('some.module.validators.custom_username_validators') to a list of custom username validators. If left unset, the validators setup within the user model username field are used.

路径('some.module.validators.custom_username_validators')到一个自定义用户名验证器列表。如果未设置，则使用用户模型用户名字段中的验证器设置。

Example:

# In validators.py

from django.contrib.auth.validators import ASCIIUsernameValidator

custom_username_validators = [ASCIIUsernameValidator()]

# In settings.py

ACCOUNT_USERNAME_VALIDATORS = 'some.module.validators.custom_username_validators'

SOCIALACCOUNT_ADAPTER (="allauth.socialaccount.adapter.DefaultSocialAccountAdapter")

Specifies the adapter class to use, allowing you to alter certaindefault behaviour.

指定要使用的适配器类，允许您更改某些默认行为。

SOCIALACCOUNT_AUTO_SIGNUP (=True)

Attempt to bypass the signup form by using fields (e.g. username,email) retrieved from the social account provider. If a conflictarises due to a duplicate e-mail address the signup form will still kick in.

通过使用从社会帐户提供者检索到的字段(例如用户名、电子邮件)来绕过注册表单。如果由于电子邮件地址的重复出现了冲突，注册表单仍然会生效。

SOCIALACCOUNT_EMAIL_VERIFICATION (=ACCOUNT_EMAIL_VERIFICATION)

As ACCOUNT_EMAIL_VERIFICATION, but for social accounts.

作为ACCOUNT_EMAIL_VERIFICATION，但用于社会帐户。

SOCIALACCOUNT_EMAIL_REQUIRED (=ACCOUNT_EMAIL_REQUIRED)

The user is required to hand over an e-mail address when signing up using a social account.

用户在使用社交账号注册时，需要提交电子邮件地址。

SOCIALACCOUNT_FORMS (={})

Used to override forms（用于覆盖表单）, for example:{'signup': 'myapp.forms.SignupForm'}

SOCIALACCOUNT_PROVIDERS (= dict)

Dictionary containing provider specific settings.

包含提供者特定设置的字典