If you use Django AllAuth and have a custom account adapter, you may find you run up to against rate limits that prevent successful testing of the many unhappy paths of user signup workflows.
allauth.account.adapter.DefaultAccountAdapter
I did not notice this until I overrode the clean_email()
method of my custom adapter, after noticing some unhandled pentest reconnaissance in user signup on a production system.
This can show up as a Warning: Too Many Requests
with the test assertion failure on a subsequent line related to some expected state for user account creation or maintenance.
Builtin rate limiting was added to the package in 0.48.0
(early 2022) and can be disabled in your custom test runner or elsewhere by ensuring the following is set in your settings.py
:
ACCOUNT_RATE_LIMITS = {}
There are a variety of different behaviors that can have rate limits set to them in normal production usage. See documentation on ACCOUNT_RATE_LIMITS here.