Comprehensive Django Authentication Guide

Aug 30, 2024

Full Authentication System Tutorial Notes

Overview

  • Building a full authentication system in Django.
  • Features include: login, register, log out, and reset password.

Demo Walkthrough

  1. Signing Up:

    • Input: Name (Jane Doe), Username (test user), Email (theprotonguy@yahoo.com), Password.
    • Register the user.
  2. Login:

    • Validations for login credentials.
    • Incorrect password shows "invalid login credential."
    • Successful login redirects to homepage (only accessible if authenticated).
  3. Logout:

    • Redirects back to the login page.
    • Cannot access homepage without logging back in.
  4. Reset Password:

    • Input email associated with the account.
    • Validates if the email exists in the database.
    • If valid, sends a reset link via email within 10 minutes.
    • Invalid IDs or links redirect back to the reset password page.

Setting Up Django Project

  1. Directory Structure:

    • Create a folder for the Django project (e.g., FullAuthentication).
  2. Virtual Environment:

    • Install pipenv with pip install pipenv; it manages the project's virtual environment.
    • Create and activate the virtual environment with pipenv shell.
  3. Install Django:

    • Run pip install django.
  4. Create Django Project:

    • Run django-admin startproject authentication_project.
  5. Create Core App:

    • Navigate to the project folder and run python manage.py startapp core.

Code Structure

  1. Templates and Static Files:

    • Create a templates folder for HTML files.
    • Create a static folder for CSS/JS assets.
  2. Register App and Templates in Settings:

    • Update settings.py to include the core app and template directory.
  3. URLs Configuration:

    • Create urls.py in the core app for handling routes.
    • Include app URLs in the main project urls.py.

User Authentication Logic

  1. Registration:

    • Collect user inputs (first name, last name, username, email, password).
    • Validate inputs (username and email uniqueness, password length).
    • Use User.objects.create_user() to create a user.
    • Use Django messages to show success/error prompts.
  2. Login:

    • Authenticate users using authenticate() and login() methods.
    • Redirect authenticated users to homepage.
    • Show error message for invalid credentials.
  3. Logout:

    • Create a logout view using logout() method.
    • Redirect users back to login after logging out.
  4. Reset Password:

    • Create a view to handle password reset requests.
    • Generate a unique reset ID when a user requests to reset their password.
    • Send an email with the reset link (using Django's email capabilities).
    • Create views to handle reset link and password update.
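
The reset ID lifecycle from step 4, as an added example that is not code from the tutorial. It uses only the Python standard library so it runs without a Django project; the in-memory dict stands in for a database model, the function names are hypothetical, and it assumes the "10 minutes" in the demo is the lifetime of the reset link.

```python
import hashlib
import secrets
import time

# Assumption: the demo's "10 minutes" is how long a reset link stays valid.
RESET_TTL_SECONDS = 10 * 60

# Stand-in for a database table (a model in Django), keyed by the SHA-256 of
# the reset ID so that a leaked table does not contain usable links.
_pending = {}  # digest -> (user_id, issued_at)


def _digest(reset_id):
    return hashlib.sha256(reset_id.encode()).hexdigest()


def issue_reset_id(user_id, now=None):
    """Create an unguessable reset ID; any earlier ID for the user is revoked."""
    now = time.time() if now is None else now
    for key in [k for k, (uid, _) in _pending.items() if uid == user_id]:
        del _pending[key]
    reset_id = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
    _pending[_digest(reset_id)] = (user_id, now)
    return reset_id  # belongs in the emailed link only, never in logs


def redeem_reset_id(reset_id, now=None):
    """Return the user_id for a valid ID and consume it, else None.

    None covers unknown, expired and already-used IDs alike; the view then
    redirects to the reset-password page without saying which case applied.
    """
    now = time.time() if now is None else now
    entry = _pending.pop(_digest(reset_id), None)  # pop makes the ID single-use
    if entry is None:
        return None
    user_id, issued_at = entry
    if now - issued_at > RESET_TTL_SECONDS:
        return None
    return user_id


if __name__ == "__main__":
    rid = issue_reset_id(user_id=7, now=1000.0)  # constructed sample values
    print(redeem_reset_id(rid, now=1060.0))  # first use, inside the window
    print(redeem_reset_id(rid, now=1061.0))  # second use of the same link
```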

Final Steps

  • Test the entire authentication flow.
  • Use tools like Postman to test API endpoints if needed.
  • Create a GitHub repository for the project code.

Additional Resources

  • Links to Django documentation for further reading.
  • Community links for discussions (Discord, Telegram).
  • Code examples available in the GitHub repository.