Registration with django-rest-auth: where to set allauth settings (email verification/required username)

Question

I'm using django-rest-auth with the registration add-on, which uses django-allauth to implement signup, confirmation, social sign-in, etc endpoints. It's largely working, however I can't figure out where to put certain settings such that the registration and other auth endpoints will respect various allauth settings. My current issues are:

1. Users can login without verifying their email- the allauth setting ACCOUNT_EMAIL_VERIFICATION (default='optional') controls whether this is mandatory
2. Users must provide a username at signup, despite one not being required by my user model (email address is my username field)- the allauth setting ACCOUNT_USERNAME_REQUIRED (default=True) controls this

I've attempted to add the above settings to resolve these issues, but the registration and login endpoints don't seem to respect them. For example, from my settings.py:

....
ALLAUTH = {
    'ACCOUNT_EMAIL_VERIFICATION': 'mandatory',
    'ACCOUNT_USERNAME_REQUIRED': False,
}
....

However, in looking at both the allauth and django-rest-auth serializers, the allauth settings are checked in the following manner (from the django-rest-auth LoginSerializer):

# If required, is the email verified?
    if 'rest_auth.registration' in settings.INSTALLED_APPS:
        from allauth.account import app_settings
        if app_settings.EMAIL_VERIFICATION == app_settings.EmailVerificationMethod.MANDATORY:
            email_address = user.emailaddress_set.get(email=user.email)
            if not email_address.verified:
                raise serializers.ValidationError(_('E-mail is not verified.'))

Looking at the django-rest-auth/registration RegisterSerializer is similar:

try:
  from allauth.account import app_settings as allauth_settings
  from allauth.utils import (email_address_exists,
                           get_username_max_length)
  from allauth.account.adapter import get_adapter
  from allauth.account.utils import setup_user_email
except ImportError:
  raise ImportError('allauth needs to be added to INSTALLED_APPS.')
....
class RegisterSerializer(serializers.Serializer):
  username = serializers.CharField(
    max_length=get_username_max_length(),
    min_length=allauth_settings.USERNAME_MIN_LENGTH,
    required=allauth_settings.USERNAME_REQUIRED
  )
  email = serializers.EmailField(required=allauth_settings.EMAIL_REQUIRED)
  password1 = serializers.CharField(required=True, write_only=True)
  password2 = serializers.CharField(required=True, write_only=True)

In both places, the allauth settings are imported directly from allautha.account.app_settings instead of settings.py, as I'd expect. In the allauth source on github, I can see the app_settings file, however does that mean I need to place my desired settings there? Isn't the point of settings.py to be a single spot to collate settings for installed apps?

Answer 1

Figured it out- this turned out to be pretty easy, and I guess something I could have gathered from the docs, though its far from clear.

Rather than defining allauth settings in settings.py like this:

....
ALLAUTH = {
'ACCOUNT_EMAIL_VERIFICATION': 'mandatory',
'ACCOUNT_USERNAME_REQUIRED': False,
}
....

It needs to be done like this:

ACCOUNT_EMAIL_VERIFICATION = 'mandatory'
ACCOUNT_USERNAME_REQUIRED = False

Just directly in settings.py, no identifier needed. I'm not sure why they aren't in their own section, but this definitely works. Hopefully you don't have another app with identically named settings- though I'm sure there's a way around that.

I found this question + answer that clued me in.