Skip to content

Signals Reference

A signal is Django’s way of announcing “this just happened” so other parts of your app can react to it. django_social_auth_rest sends four signals - one for new signups, one for every login, and one each for linking and unlinking a provider. Connect a receiver to any of them to run your own code, like sending a welcome email, without changing anything inside the package itself.

from django.dispatch import receiver
from django_social_auth_rest.signals import login_successful
@receiver(login_successful)
def on_login(sender, request, user, provider, **kwargs):
print(f"{user.email} signed in with {provider}")

These signals use Django’s send_robust, which is a safer version of the normal send. If your receiver function has a bug and raises an error, Django catches it and writes it to your logs instead of crashing the request. So a mistake in your own code won’t break login or signup for your users - but it also means a broken receiver can fail silently unless you’re checking your logs.

SignalSent duringWhen it happens
new_user_registeredLoginThe first time this user logs in (more on this below)
login_successfulLoginEvery successful login, new or returning user
link_account_successfulLinkA provider is successfully connected to the user’s account
unlink_account_successfulUnlinkA connected provider is removed from the user’s account

Every provider - Google, GitHub, and any added later - sends these same four signals from the same place in the code. The provider value is how you tell them apart in your receiver.

from django.dispatch import receiver
from django_social_auth_rest.signals import new_user_registered
@receiver(new_user_registered)
def on_new_user(sender, request, user, provider, **kwargs):
# runs the first time this user logs in
send_welcome_email(user)

This fires during login, when the user logging in doesn’t have a last_login value yet. In plain terms: Django treats last_login = None as “this person has never logged in before.”

This signal does not fire when linking an account. Connecting a new provider to an account you already have isn’t the same as creating a new account.

When someone logs in for the very first time, this is the order things happen in, all within a single request:

  1. django_social_auth_rest creates a new user and links their social account.
  2. new_user_registered fires, because last_login is still empty.
  3. login_successful fires.
  4. You get back an access token and a refresh token.

If the user has logged in before, only steps 3 and 4 happen - steps 1 and 2 are skipped, since they already have an account.