Leveraging Django’s built in session and authentication system - granting access

If I implement user authentication and sessions using Django’s builtin suite of Mixins / @login_required decorators for my project views in all the appropriate places, is there a way to configure Django so that by default newly registered users have zero (no) privileges until the Admin user manually approves/adds them to the write group granting them access? Is this even possible?

To elaborate further, after a web visitor submits their username and password to create their account, Django will need to present the prospective user with a page that says: “Thank you for creating an account. Please check back later when the admin approves your request to begin posting content”. Then when I (the superuser) see a registration request come in, I will identify the individual in RL, and then grant them the ability to proceed to login to begin posting content.

The whole site should be available to the public. I just need a way to manually verify registered users selectively and individually first before allowing them to login the the Admin Dashboard to begin posting their blog content.

• Create a group for “Approved Users”.
• Create and assign some generic permission to that group. (e.g. “approved_user”)
• Use the permission_required decorator or PermissionRequiredMixin to control access to the views.
• Provide a UI for the administrator to add / remove a User to that group. If you’re talking about them having access to the Admin app, then setting “is_staff” to True would provide the same result.

Side note: I may well be wrong, but these last two posts give me the impression that what you’re really building here is effectively a CMS. I would encourage you to check out Wagtail or DjangoCMS for guidance and ideas regarding the implementation of CMS-like features.