'Django allauth not sending links with https

I want Django Allauth to send links like the confirm e-mail or reset password with https:

Something like this:

https://example.com/ca/accounts/confirm-email/picuwfpjpptjswi50x5zb4gtsqptmwkscea445kadnbsfwcyij3fdnblery4onuq/

According to the official documentation only changing the following setting in settings.py it should work:

ACCOUNT_DEFAULT_HTTP_PROTOCOL = "https"

But I keep getting the links with http instead of https like this:

http://example.com/ca/accounts/confirm-email/picuwfpjpptjswi50x5zb4gtsqptmwkscea445kadnbsfwcyij3fdnblery4onuq/

Am I missing something? Thank you!

djangohttpsdjango-allauth


Solution 1:[1]

Besides setting the "HTTPS" environment variable and SECURE_PROXY_SSL_HEADER SECURE_SSL_REDIRECT, also seems that can be problem when rendering template and sending mail with EmailMultiAlternatives() when .txt body is used as is in adapter.py render_mail() [1]: https://github.com/pennersr/django-allauth/blob/master/allauth/account/adapter.py

for ext in ["html", "txt"]:
        try:
            template_name = "{0}_message.{1}".format(template_prefix, ext)
            bodies[ext] = render_to_string(
                template_name,
                context,
                self.request,
            ).strip()
        except TemplateDoesNotExist:
            if ext == "txt" and not bodies:
                # We need at least one body
                raise
    if "txt" in bodies:
        msg = EmailMultiAlternatives(subject, bodies["txt"], from_email, to)
        if "html" in bodies:
            msg.attach_alternative(bodies["html"], "text/html")
    else:
        msg = EmailMessage(subject, bodies["html"], from_email, to)
        msg.content_subtype = "html"  # Main content is now text/html
    return msg

For example print(bodies[ext]) gave:

  "To confirm this is correct, go to " https://127.0.0.1:8000/accounts/confirm-email/MjI:1kS0Mj:M5YfUf9-1Vg_TlgjVrK6vAtaLDE/ "

but on email is still http://

 http://url7514.sitename/ls/click?upn=HJL2SSWV...

With most devices also this worked since should be redirected still to https://, but on some didn't, so had to change in default templates/account/email/email_confirmation_message.txt to html extension, after result :

To confirm this is correct, go to https://sitename/accounts/confirm-email/M...

Solution 2:[2]

If you use django behind a proxy, you have to send https headers to django. What works for me in apache2 was to put this on apache2

<VirtualHost *:443>
  RequestHeader set X-Forwarded-Proto 'https' env=HTTPS

After adding headers mod:

a2enmod headers

And this on django setting.py:

USE_X_FORWARDED_HOST = True
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')

With this all my build_absolute_uri started with https, and the same for templates, this include password recovery and auth mails.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 zoran
Solution 2 user3486626

Related Questions

Django models | get specific columns

Django models | get specific columns

Django models | get specific columns

Django models | get specific columns

Django models | get specific columns

python: can't open file 'manage.py': [Errno 2] No such file or directory

How to take a zipfile as a File object in django?

How to take a zipfile as a File object in django?

django: invalid syntax path('details/<int:id>/', views.details, name='details')

How do I install an old version of Django on virtualenv?

How to automatically login a user after registration in django

Took too long to shut down and was killed

Override save method of Django Admin

ValueError The QuerySet value for an exact lookup must be limited to one result using slicing on django views

django.core.exceptions.ValidationError: ['“” value must be a decimal number.']