is_active
Boolean. Designates whether this user account should be considered active. We recommend that you set this flag to False
instead of deleting accounts; that way, if your applications have any foreign keys to users, the foreign keys won’t break.
This doesn’t necessarily control whether or not the user can log in. Authentication backends aren’t required to check for the is_active
flag but the default backend (ModelBackend
) and the RemoteUserBackend
do. You can use AllowAllUsersModelBackend
or AllowAllUsersRemoteUserBackend
if you want to allow inactive users to login. In this case, you’ll also want to customize the AuthenticationForm
used by the login()
view as it rejects inactive users. Be aware that the permission-checking methods such as has_perm()
and the authentication in the Django admin all return False
for inactive users.
In older versions, ModelBackend
and RemoteUserBackend
allowed inactive users to authenticate.
Please login to continue.