Django: How do I use is_active of auth_user table?

from django.contrib.auth import authenticate
user = authenticate(username='john', password='secret')
if user is not None:  #to check whether user is available or not?
    # the password verified for the user
    if user.is_active:   
        print("User is valid, active and authenticated")
    else:
        print("The password is valid, but the account has been disabled!")
else:
    # the authentication system was unable to verify the username and password
    print("The username and password were incorrect.")

This will be helpful for you to understand django authentication.


An inactive user is one that has its is_active field set to False.

As of django version 1.10: The ModelBackend (the default authentication backend) and RemoteUserBackend authentication backend prohibits these inactive users from authenticating. So, if you use those backends you won't need to use the following style:

#authentication has been successful now...
if user.is_active:
    login(request,user)
    #redirect to success page
else:
    #return disabled account error message

If a custom user model doesn’t have an is_active field, all users will be allowed to authenticate. Previous to version 1.10 ModelBackend allowed inactive users to authenticate- this was useful first where you allowed the user to authenticate and then you allowed a user to activate their account (only after they had successfully authenticated).

Please note that the @login_required decorator does not check for the is_active flag on the user. @login_required

check AUTHENTICATION_BACKENDS to see which ones you are using. see https://docs.djangoproject.com/en/1.10/topics/auth/customizing/