Users & access#
Searpa is login-only with no public registration, so as the administrator you control who has an account. This is what keeps an instance private to your users.
Creating accounts#
Create users with Django’s standard management command:
# Docker
docker exec -it <container> python manage.py createsuperuser
# From source
make superusercreatesuperuser makes an admin account; for ordinary users you can create them
the same way (or from the Django admin once you have a superuser). Each account
needs a username and password; an email is optional (see below).
Email is optional#
A user account doesn’t require an email address. Its only use is password reset:
- With an email, the user can reset a forgotten password via the Forgot password? flow (requires email to be configured).
- Without one, a forgotten password is unrecoverable by the user, you’d
reset it for them with
manage.py changepassword <username>.
Resetting a password as admin#
docker exec -it <container> python manage.py changepassword <username>Configuring password-reset email#
For self-service password resets to work, set the EMAIL_* variables to a real
SMTP server, see Configuration → Email.
Without an SMTP server, simply create accounts and hand out passwords directly,
and reset them with changepassword when needed.
There is no sign-up page to disable or rate-limit, the absence of public registration is built in. Onboarding a user is always a deliberate admin action.