• Simple, out-of-the-box Django all-auth demo app
  • A "brochure" or visitor (no login required) area
  • A members-only (login required) area.
  • Supports local email/password as well as easy oauth with Google, Facebook and others.

This is a simple, old-style HTML request/response website.
No webpack, node, JavaScript framework.
Objective is to get you a basic, visitor-and-member website operational quickly.


  1. Get your Facebook and/or Google app creds (see sections below for more info);
  2. Clone or download the repo; then
  3. Follow instructions below:
$ cd demo-allauth-bootstrap

## create and use a Python virtualenv:

$ python3 -m venv mypy          # doesn't have to be called "mypy"; it's just my convention.
$ . ./mypy/bin/active           # adjust this if you used a name other than "mypy"

## install all dependencies into this venv:

$ pip install -r requirements.txt

## run the handy configure script:

$ python ./


Do you want to configure auth via Facebook?
You'll need the app secret and client. (y/n): y              # or enter 'n' to skip

Facebook App Secret? >                                       # Facebook secret here...

Facebook App ID (not client token)?                          # and app ID here.


Do you want to configure auth via Google?
You'll need the app secret and client. (y/n): y              # or enter 'n' to skip

Google Secret? >                                             # Google secret here...

Google Client ID? >                                          # and Google client ID here.

Next steps

Run these commands:

    python makemigrations allauthdemo_auth
    python migrate
    python createsuperuser                         # optional; doesn't need real email address.

    # Facebook
    python set_auth_provider facebook --redacted-info-here--

    # Google
    python set_auth_provider google --redacted-info-here--

If you have other providers you can add them like:

    python set_auth_provider <name e.g. 'google'> <client id> <secret>


    python runserver

Run the commands shown in "next steps" above.

Load in your browser.


Overall tip

Tinker with it out-of-the-box. If it does what you like, you can
remove a few things and use the code as a basis for your
own site.

Tips for Facebook

  • See "Configure Facebook Login" section below
  • You'll need the Facebook App ID (NOT any client ID) and the secret.
  • Repeat, the Facebook App ID and NOT any client ID is what should be entered
    for "client ID"
  • Create an app in the facebook-developer-settings area and then create a test app
    from that. The test app seems to be the only thing that will work with a
    localhost Django app.
  • Read the article by Sarah or see below for moe.

Tips for Google

  • See "Configure Google Login" section below
  • You'll need the Google client ID and secret from the Google Developer Console.


If you want users to register and set passwords locally, i.e. never via a provider
like Facebook or Google, run and answer 'n' to the questions.

If you want to use a provider like Facebook or Google, you'll need to do a little setup
on those sites to get settings you'll need in Django.

Configure Facebook Login

Follow these instructions if you want to use Facebook as an authentication provider.
Skip otherwise.

Sarah describes this nicely in her article

Aside from UI changes, the method she described worked well.

Go to facebook-developer-settings.

Add app

Create a test app (under the above app)

Go to Settings > Advanced

Do not add any server to Server IP Whitelist (facebook-whitelist-ip-error)

Add product "Facebook Login"

Enable if not automatically selected: Client OAuth Login, Web OAuth Login

Add OAuth redirect URL (in any order):

Note: If you're loading your site with localhost:8000 you should use "http://localhost:8000/..."
above. Whichever you choose, do it consistently and you should be ok.

Note: The "app secret" and "client id" are a bit confusing with Facebook.
You want to record the "Facebook App Secret" and the "Facebook App ID". The latter
"Facebook App ID" becomes the "client ID" from a Django Allauth perspective.

Configure Google Login

Follow these instructions if you want to use Google as an authentication provider.
Skip this section otherwise.

To set up Google, follow the Google oauth instructions or [this help answer][4]
which is basically:

Go to

Create a new app

Make sure that app is selected (next to the "Google APIs" Logo in the top-left)

In the left navigation rail under "APIs and Services", click "Credentials"

Create new oauth client ID

You will need to specify some "consent screen details". You can skip most
of the fields.

For Authorized Javascript Origins, add:

For Authorized Redirect URIs, add:

Click "Create"

Copy the "client ID" and "client secret" strings and keep each handy - you'll need them shortly.

Reminder: if you're loading your site at localhost:8000 then you'll need to set the
URIs above to ``http://localhost:8000/..." etc. I recommend not doing that. Instead, just
load your local site as

Configure authentication with other providers

The django-allauth library covers many others providers

First-time setup

Make sure you have Python 3.x installed. I used Python 3.6.

Python 2.7.x used to work but Django 2.0 dropped support for Python 2.x, and is
dropping support for Python 3.4.

Create a virtualenv and requirements.

For example:

 $ cd demo-allauth-bootstrap
 $ python3 -m venv mypy       # you can call it anything, not just "mypy"
 $ . mypy/bin/activate
 $ pip install -r requirements.txt

Generate the initial settings:

 $ python

Follow the prompts. This will generate the initial config/

Set up the initial migrations:

A specific makemigrations is needed for the auth_user table:

 $ python makemigrations allauthdemo_auth

Build the database schema:

 $ python migrate

Create the superuser:

 $ python createsuperuser

Tip: do not enter the same email address that you'll connect via Google/Facebook with.
In development I use a made up address like "[email protected]".

Add the social providers:

Run this for each provider you want to include.

 $ python set_auth_provider google GOOGLE_CLIENT_ID GOOGLE_SECRET_ID
 saved: Google (...)
 $ python set_auth_provider facebook FACEBOOK_CLIENT_ID FACEBOOK_SECRET_ID
 saved: Facebook (...)

This essentially runs SQL like:

 DELETE FROM socialaccount_socialapp WHERE provider='google';
 INSERT INTO socialaccount_socialapp (provider, name, secret, client_id, `key`)
 VALUES ("google", "Google", "SECRET", "CLIENT", '');
 INSERT INTO socialaccount_socialapp_sites (socialapp_id, site_id) VALUES (
   (SELECT id FROM socialaccount_socialapp WHERE provider='google'),1);

Check it's working:

 $ python runserver

Load the site at

You should see a landing page. Click "Join" or "Login".

Log into admin and change the default site:

Go to - you may need to log out, then log back in as the
superuser you created above.

You don't technically have to rename the site but the default "" isn't very useful.
In development I change the domain to "" and the name to " (Dev)".

Doing it over

When you're getting oriented you may find you want to start over for any reason.

If you're using sqlite as the database (the default), just remove the file and start
the sequence again:

rm db.sqlite3
python configure
python makemigrations allauthdemo_auth
python migrate
python set_auth_provider google ...
python runserver

If you're using Postgres or similar, remove and recreate the database.


Make the repo yours

If you've got the site up and want to use it as the basis for your own real site,
here's what I do:

Remove all the git history:

  rm -rf .git/

and start a new history:

  git init

Remove unnecessary files:

  rm LICENSE config/

Rename the "allauthdemo" directory to something more appropriate

Optionally rename the class auth.models.User to something more specific.
You'll need to rebuild the database (I suggest you do this after you've built the
initial app and renamed things anyway). Don't leave this too late as trying to
migrate the User class to a new name doesn't work nicely when you've got real data.

Check the auth.models.UserProfile class. The draft one includes date-of-birth (dob),
which you might want to remove.

Change settings so Postgres or another full database is used, not sqlite (which is
awesome, but not right for a real project!)

How I built this

The best resources:

Raymond's GitHub repo:

allauth docs:

Sarah Hagstrom's magnificent article:

I first worked with Sarah's example to understand how the components worked together.
Then I cloned the github repo and worked with the example directory, customising it to
what made sense to me. I moved it to use Bootstrap only and added some basic standard
stuff like a landing page and stubs for terms and contact.

I moved the bootstrap forms to use the bootstrap4 library. At the very least that
made handling Django "messages" better (though see my notes in "Rough Edges" below).
Read about bootstrap4 here:

Why I built this

I'd struggled with outdated Django registration modules before and was pleasantly
surprised to find django-allauth. Sarah's tutorial is superb but I wanted something
more full to use as a basis for future work, and figured it might help others.


Thanks to Raymond for django-allauth and Sarah for her tutorial.

Rough Edges

In no order:

I don't like the handling of Django "messages". The messages accumulate in the cookie,
which is weird on its own, and clear only when displayed. I don't get why it was done
that way. I'm sure there are better ways to handle it; I just haven't looked into it yet.

The default allauth rendering for profile (email, social accounts etc) is adequate but
could do with some work.

GitHub - aellerton/demo-allauth-bootstrap: Django sample app with users including social auth via Django-AllAuth
Django sample app with users including social auth via Django-AllAuth - GitHub - aellerton/demo-allauth-bootstrap: Django sample app with users including social auth via Django-AllAuth