Django Expert

Django Authentication

Django provides a comprehensive authentication system that includes user authentication, login/logout functionalities, password management, and user registration.

User Authentication System

Django’s authentication system handles user accounts, groups, permissions, and cookie-based user sessions. It is designed to make web development both fast and secure.

Setting Up

To use Django’s authentication system, you need to ensure that 'django.contrib.auth' and 'django.contrib.contenttypes' are included in your INSTALLED_APPS setting:


INSTALLED_APPS = [
    ...
    'django.contrib.auth',
    'django.contrib.contenttypes',
    ...
]

Migrate your database to create the necessary tables:


python manage.py makemigrations
python manage.py migrate

Django provides a built-in view to handle user login. To use it, include the following in your urls.py:


from django.urls import path
from django.contrib.auth import views as auth_views

urlpatterns = [
    path('login/', auth_views.LoginView.as_view(), name='login'),
]

Create a template named registration/login.html:


{% block content %}
  <h2>Login</h2>
  <form method="post">
    {% csrf_token %}
    {{ form.as_p }}
    <button type="submit">Login</button>
  </form>
{% endblock %}

Logout

Similar to login, Django provides a built-in view for logout:


urlpatterns = [
    path('logout/', auth_views.LogoutView.as_view(), name='logout'),
]

Create a template named registration/logged_out.html:


{% block content %}
  <h2>Logged Out</h2>
  <p>You have been logged out.</p>
{% endblock %}

Password Change and Reset

For password management, include the following URLs:


urlpatterns = [
    path('password_change/', auth_views.PasswordChangeView.as_view(), name='password_change'),
    path('password_change/done/', auth_views.PasswordChangeDoneView.as_view(), name='password_change_done'),
    path('password_reset/', auth_views.PasswordResetView.as_view(), name='password_reset'),
    path('password_reset/done/', auth_views.PasswordResetDoneView.as_view(), name='password_reset_done'),
    path('reset/<uidb64>/<token>/', auth_views.PasswordResetConfirmView.as_view(), name='password_reset_confirm'),
    path('reset/done/', auth_views.PasswordResetCompleteView.as_view(), name='password_reset_complete'),
]

Ensure you have the following templates:

registration/password_change_form.html
registration/password_change_done.html
registration/password_reset_form.html
registration/password_reset_done.html
registration/password_reset_confirm.html
registration/password_reset_complete.html

User Registration

To create a user registration form, follow these steps:

Forms

Create a form in forms.py:


from django import forms
from django.contrib.auth.models import User
from django.contrib.auth.forms import UserCreationForm

class RegisterForm(UserCreationForm):
    email = forms.EmailField()

    class Meta:
        model = User
        fields = ['username', 'email', 'password1', 'password2']

Views

Create a view in views.py:


from django.shortcuts import render, redirect
from django.contrib.auth import login
from .forms import RegisterForm

def register(request):
    if request.method == 'POST':
        form = RegisterForm(request.POST)
        if form.is_valid():
            user = form.save()
            login(request, user)
            return redirect('home')
    else:
        form = RegisterForm()
    return render(request, 'registration/register.html', {'form': form})

URLs

Include the view in your urls.py:


urlpatterns = [
    path('register/', views.register, name='register'),
]

Template

Create a template named registration/register.html:


{% block content %}
  <h2>Register</h2>
  <form method="post">
    {% csrf_token %}
    {{ form.as_p }}
    <button type="submit">Register</button>
  </form>
{% endblock %}