Revision history [back]

Here is a general process for verifying an email address in Django:

1. When a user registers, you save their email address in your database along with a unique verification token generated using Django's built-in secrets library.
2. You then email the user with a link that includes the verification token as a parameter in the URL. For example, http://example.com/verify-email?token=abc123.
3. When the user clicks the link, your view checks the verification token against the one in the database. If they match, you mark the email address as verified in the database and redirect them to a success page. If they do not match or if the verification token has expired (which you should set to a reasonable timeframe), you redirect them to an error page.
4. You can then use the is_verified flag in your User model to restrict access to certain parts of your site for unverified users, or to send them reminders to verify their email address if they try to access restricted content.

There are many ways to implement email verification in Django, so this is just one example. You can also use third-party packages like Django-allauth or Django-registration to handle the verification process for you.