Recently, while working on a project with Mozilla, I came across the need to restrict signups for a site I was working on. Although there has been some attempt to do this in the past (some Mozilla projects use BrowserID and still require additional verification), I could not find much documentation on restricting signups at the moment of login using email addresses. So I made my own and here it is!
Prerequisites
This guide is written for Django projects, specifically those using Mozilla's Playdoh framework. If you aren't using Playdoh, I suggest trying it out - it really simplifies Django development and helps get projects started in seconds. Also, Playdoh comes with BrowserID already set up. If you decide not to use Playdoh, you can still follow this tutorial; you'll just need to set up BrowserID on your own first. There are a number of guides for doing that (such as this one: http://django-browserid.readthedocs.org/en/latest/).
Step 1 - Modify Project Settings
There are two settings files you need to edit (assuming Playdoh is being used; if not, look for settings.py in your project): settings/base.py and settings/local.py.
In settings/base.py:
Add the following lines in the "BrowserID" section (or at the bottom of the file):
BROWSERID_CREATE_USER = 'project.app.util.create_user'
ACCEPTED_USER_DOMAINS = [
]
Replace "project" with the name of your project and "app" with the name of your app.
Save the file.
In settings/local.py:
Add the following lines:
ACCEPTED_USER_DOMAINS = [
    # 'example.com',
]
Replace the commented line with a comma-separated list of the domains from which you would like to allow users. For example, the project I'm working on has the following setup:
ACCEPTED_USER_DOMAINS = [
    'mozilla.com',
    'mozilla.org',
]
Save the file.
Step 2 - Create a util File
In your application's home directory (not the project directory), create a file called "util.py". Add these lines to that file:
from django.contrib.auth.models import User
from django.conf import settings
from project import app


def create_user(email):
    """Create the account only if the email's domain is in ACCEPTED_USER_DOMAINS."""
    domain = email.rsplit('@', 1)[1]
    if domain in settings.ACCEPTED_USER_DOMAINS:
        return User.objects.create_user(email, email)
    # Domain not accepted: return None so no account is created.
    return None
Replace "project" and "app" with your project's and app's names.
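A stricter form of the domain check in create_user, as an added example that is not part of the original post: it compares domains case-insensitively and rejects malformed addresses instead of raising. The make_user parameter is a hypothetical stand-in for User.objects.create_user so the block runs without Django, and the domain list and sample addresses are constructed.

```python
# Constructed sample standing in for settings.ACCEPTED_USER_DOMAINS.
ACCEPTED_USER_DOMAINS = ['mozilla.com', 'mozilla.org']


def email_domain(email):
    """Return the normalized domain of an address, or None if it is malformed."""
    if not isinstance(email, str):
        return None
    local, sep, domain = email.strip().rpartition('@')
    if not sep or not local or not domain:
        return None
    # DNS names are case-insensitive; a trailing dot names the same host.
    domain = domain.lower().rstrip('.')
    return domain or None


def is_accepted(email, accepted=ACCEPTED_USER_DOMAINS):
    """Exact match on the whole domain: no suffix or substring matching."""
    domain = email_domain(email)
    allowed = {d.lower().rstrip('.') for d in accepted}
    return domain is not None and domain in allowed


def create_user(email, make_user=None):
    """Shape of the hook: create the account only for accepted domains.

    make_user is a hypothetical stand-in for User.objects.create_user;
    returning None means no account is created.
    """
    if not is_accepted(email):
        return None
    make_user = make_user or (lambda username, addr: {'username': username, 'email': addr})
    return make_user(email, email)


# Constructed sample addresses.
SAMPLES = [
    'alice@mozilla.com',            # accepted
    'Bob@Mozilla.ORG',              # accepted: differs only in case
    'eve@mozilla.com.example.net',  # rejected: accepted name is only a prefix
    'eve@notmozilla.com',           # rejected: substring, not the whole domain
    'no-at-sign',                   # rejected: rsplit('@', 1)[1] would raise IndexError
]

if __name__ == '__main__':
    for addr in SAMPLES:
        print(addr, '->', 'create' if is_accepted(addr) else 'reject')
```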
Finish
Now, when your users click the "Sign In with BrowserID" button, they must use an accepted domain before their account will be created. If not, they will be redirected to the homepage without being logged in.