Complete Django Rest Framework JWT Authentication System

Captions
Hello Django developers, I'm excited to bring to you another interesting, ultimate Django REST framework authentication course. In this tutorial we are going to be building a complete JSON Web Token authentication REST API service, which contains everything you need for a real-time REST API authentication service, including registering a new user, logging in a user, logging out a user, email verification with OTP, and password reset. We will also be implementing social authentication, which includes authenticating with Google and authenticating with GitHub, and maybe Facebook. One interesting thing is that we're going to be building this without using any of the popular third-party authentication packages that Django provides; we are going to be building this with just Django REST framework and Django REST framework Simple JWT.

So this is going to be a complete authentication package that you can easily customize to your needs. We're going to be using the custom user model, and you can just integrate it into your own project. Second, we are also going to be integrating it with the React front end that you can already see on your screen now; we're going to be building a React front end to test out our APIs. Lastly, you're also going to be learning how to effectively use the refresh token in the front end, because our access token is going to be short, so our refresh token is going to automatically refresh our access token using the Axios interceptor. So we're going to be doing a lot in this authentication service; it is just a complete authentication module that you can integrate into your project. It's going to be a fun time with you guys. If you've not subscribed to this channel, it doesn't cost you money to subscribe; please subscribe to help the channel grow, and also give this video a thumbs up.

I've already had a basic Django application set up, nothing too much, just to speed up development time and not to bore you with the need to be installing Django, creating a virtual environment and all that, so I went
before time to create a virtual environment in any folder of your choice and install Django, Django REST framework and Django REST framework Simple JWT. I've created a simple Django project called Django rest, and also created just two apps: we have our account app and the social account app created. If you check our requirements.txt file, you see the packages that we've installed: just Django, Django CORS headers, Django environ, Django REST framework and Django REST framework Simple JWT. So these are the basics we've done; we've installed them already. If we go to our settings file, let's see what we've done in our settings. Basically we just added the Django REST framework, and we added the account app, the social account app, the CORS headers, and also the CORS headers middleware, which is here. So this is the basic setup I have done, and we're going to pick up from here.

Firstly, before we start creating our custom model, I want to set up an environment file. An environment file is actually used to keep sensitive data secret, while we create environment variables that we can use to access the secret data. We installed a package to actually handle that, which is Django environ, so we're going to set that up. Just create a .env in your root directory here; call it .env. This is the file that we use to keep sensitive data, so we need to set it up so that our Django settings can actually read any kind of credentials that we put in here. First of all, go to the top of our settings file; here we're going to import environ. This environ is actually coming from the package that we installed, which is Django environ. Below the import here we just bring in the variable env, with the values to first put the type here, just to set casting. You can get all this from the documentation of Django environ. Next we have to set the variables to read, so say env read; this we use to read the environment file from our base file. So basically this is all we
need for our Django settings to be able to get values that we placed here. That's not all; once we save this, in our settings we just need to grab the secret key. Here we create a variable called SECRET_KEY, equal to the value, the string. Once we save this, in our settings we can easily read this one just by calling env, sorry, in lower case, env, followed by string, then we call the variable that we passed in here, that's this variable here. So that's that. Any other credentials that need to be kept secret we can also add there, like our DEBUG; also take our DEBUG setting. In the environment file we also create the variable for DEBUG. Any other information that we need to bring in there, we take it there. For now those two are okay, so we can save that.

Secondly, we move over to our model; we can start creating our user model. As you already know, Django comes with a built-in user model, which allows us to log in with password and username, which is session authentication. But in the Django documentation we are advised to always create a custom user model whenever we are building a Django project. Django provides two ways for us to actually implement a custom user model: we can use the AbstractUser class or the AbstractBaseUser class. The AbstractUser class actually allows you to add on top of what the Django user model already has; probably you want to add maybe extra fields, you can use the AbstractUser model. But when you want to build your own user model from scratch, from bare bones, we use the AbstractBaseUser class. For this tutorial we're going to be building our own user model from scratch, so we're going to be using the AbstractBaseUser class, which we're going to import. So we want to say from django.contrib.auth.models; you can see it's giving us a hint: the AbstractBaseUser class, and also the PermissionsMixin. What the PermissionsMixin does, if you hover over it,
you can see it gives a brief explanation of the PermissionsMixin. It says: add fields and methods necessary to support the Group and Permission models using the ModelBackend. Then we also need to import gettext_lazy, I mean, so we're going to be using this. We can create our class now. I'm going to call it User, which is going to inherit from the AbstractBaseUser class and the PermissionsMixin. Here we can start specifying the fields that we want to see in our own user model. It's definitely going to have an email field, which is going to be the models email field here. We're going to set the max length here, and we're going to make it unique, so say unique equals True. Then we want to set the verbose name, and the verbose name we're going to set with gettext_lazy, which was this gettext_lazy that we imported as underscore; call it email address. That's for the email address. Then we can just add first name, which is also going to be a character field. The same thing for the last name: you can just quickly grab this and rename it to last name. If you have any other custom field, maybe like phone number, the age, or whatever you want to put there, you also put that there. After that I'm going to bring in all the Boolean fields that are needed, like is admin, which is is staff, sorry, is staff, is superuser; then we want to add is verified, which we're going to be using for verification, is active, date joined and last login.

Next we're going to create the username field, so we're going to say username fields, and this is the field that we want to use for our login. It's going to be our email field. Then we need to specify the required fields. This is going to be a list, so what we want inside the list is the first name and the last name. Then we need to set the objects, which we've not created, so we're
going to say objects equals our UserManager. We've not created the manager yet; we'll create it shortly. Define our string representation. We can also define a custom method to get the full name of the user; say get full name, sorry, get full name, and this is basically to return the full name of the user. We can use the f-string and pass in the self first name, space, self last name. So this is going to return the full name. Remember we're going to be doing token authentication, so we're going to create a method which we're going to define as tokens; for now we're going to just give it pass. And we're going to make this a property, a property on top of the get full name, I mean.

With all this said, let's quickly create the user manager. For better organization I'm going to create a manager file, so we're going to call it manager. Create a manager module; here we're going to define our user manager. Let's just quickly import the user manager: we say from managers import the UserManager, which we've not created. So that's that. Let's head over to our managers.py and create the user manager. Here we are also going to be importing some things. We're going to import from django.contrib.auth.models; we just want to import the BaseUserManager. You can see it's giving us a hint. Secondly, we need to import ValidationError from django.core.
exceptions; we're going to import ValidationError. We're also going to import from django.core.validators, and this time I want to import validate_email. We're using this one to validate our email field. Then we also need gettext_lazy; let's just grab it from here, we imported it before. We bring that in, so we're good to go. Let's create a manager class; we're going to call it UserManager, that's what we called it, which is going to inherit from the BaseUserManager class. Here, first of all, we're going to create a simple function called email validator. This is basically going to take in self, to refer to our class, then the email that we want to validate. Here we're going to put in the try/except block. First of all we need to pass the email: first try, pass it to validate_email, and we're going to say except; if we have a ValidationError, then we want to raise a ValueError. We're going to use the underscore for gettext_lazy; this is the underscore for gettext_lazy. We're going to bring in the text string by saying please enter a valid email address. So that's our validate method.

We can define our normal create user: the create_user method is also taking self and taking in the email and also the other required fields. Remember we have required fields in the model, which are the first name and last name, so we're going to pass in the first name and last name; then we're also going to pass in the password and extra fields. So these are the arguments that we pass into this function. First we're going to check if the user provides an email, so we want to say if email is provided, then we need to start our email validation by saying email, first of all pass to the self normalize_email, passing the email, and if it's a normal email we want to call, remember we called it email validator, call email validator and pass the email. This will make sure the email is validated. Then if for some reason maybe the user
did not provide that email, so say else, an email was not provided, then we need to raise a ValueError. So raise a ValueError and use the text; we're going to say an email address is required. So that will be our email validation. Next we need to check, say if not first name, that means if the user did not provide a first name, we also want to raise an error. So I just grab this: if not first name, say first name is required; same for ...

So here we're going to create the user by saying user equals self.model. Here we're going to pass in the fields by saying the email equals our email, first name equals first name, last name, just like that, equals our last name, then put in the extra fields. Once we do this we want to set our password: say user.set_password, and we want to pass the password. This will help us hash our password; this set_password method will hash the password for us. Once we do that we want to save; I say user.save, and here we're going to say using; all these are in the Django documentation, you can actually see them there. So we say self._db. Once we do that we want to return the user. So this will create our user for us.

Next we need to quickly create the create superuser. This is going to take in the same parameters, so we just grab this. We need to set some default values for is staff, is superuser and is verified. Here we just say extra fields set default: for is staff we want to set it to True, also for is superuser we want to set it to True, and for is verified; we want the superuser to be verified automatically. We want to make sure that when the superuser is created, the is staff and is admin are actually true, so we're going to create a very simple check. We want to get extra fields.
get is staff; if it's not true, we want to raise a ValueError, say staff true for admin user. Similarly we do for the other also. So these are the basic validations we create for this. Once we have this we're going to create the user by saying user equals self; this time we're going to use create user. We're going to use the create_user method that we defined up here. Because we're accepting the same fields, we're going to pass in the fields just the way we passed them in. Once we create the user we want to save the user, and say using equals self._db. Once we save the user here we want to return the user. That's all for our user manager. We can save this, and then back in this place let's make sure our importation is correct: it's UserManager. Save this.

Before we make our migration we need to set the auth user model to let Django know the new model that we want to use. Set the auth user model; we're going to set it equal to our own, accounts.User, which is the model that we defined here, the user model. We need to save that. Once we have that set up, we can run our migration now. Let's double-check and make sure everything is all right. So this ought to be username field, not fields. Let's check if we have any other issues. So that's the way; we can make migrations now. Run our migration by running python manage.py makemigrations. You can see: creating model User. So let's migrate. This will create a migration for us. Okay, that's cool. Let's create a superuser: let's also run python manage.py createsuperuser. You see it's asking us for the email address; we can just put admin1 at gmail.
It's asking for first name; we can say first name is Henry, last name is James, password; yes, we want it to be created. Our superuser was created successfully. Let's quickly add the model to our admin. We just quickly say from models; we need to register it. So we have it registered. We can start our server now and see if we can log in with our admin user: run runserver. The server ran perfectly well; that means everything is fine. So let's go C 27, then we want to go to the admin. You can see the email address is correct and the password is required. If we put in the admin user email and the admin password and log in, you can see we can log in as our admin; the user model is there. That means our custom user model is actually working fine.

Moving on from here, we're going to start working on our user serializer. Inside our account app we're going to create serializers.py. Say from rest_framework we want to import serializers. First we want to create a user serializer, or you can call it user register serializer; let's call it UserRegisterSerializer. This is going to inherit from the model serializer. We need to define some fields, like the password field, which is going to be a serializers CharField. This is going to have a max length of, let's say, 68, and we can also give the min length of, let's say, six. Then here we can set write only equals True. We want the user to be able to write their password, but we don't want the password to be returned back to the user; the password should not be part of the response. We need a password two for password validation, I mean, talking about confirm password. This is also going to have a max length of the same 68, and min length also the same thing. Then we need to create a class Meta and set the model, which is going to be our User model. We've not imported that yet, so we need to import that from
models, that's the model User. Here we need to set the fields, so we want the email, first name, then the password and password two. So this is the basic user register serializer. Later on we're going to define the validate method; we'll come back to this later on. We also need to define the create method; we'll also come back to this. For now let's just save this and head back to our view.

Now we're going to create a view to register a new user; secondly we're going to create the model for the one-time password, and we're also going to create utility functions to actually send the generated one-time password to the user. In here we're going to import, say from rest_framework.generics, we want to import the GenericAPIView. Then we also want to import our serializer; from serializers we want to import, I think we called it UserRegisterSerializer. Also let's import Response: from rest_framework.response we want to import the Response object. We're going to be using class-based views, so we're going to create our register user endpoint. This is going to inherit from the GenericAPIView. Here we can define our serializer class, which is going to be our UserRegisterSerializer. Then we're going to define the method we want to hit, which is the post method. This is going to take in self, and this is going to take in the request; those are the basic arguments. We're going to be expecting the user data, which is going to be coming from request.
data. Once we get the user data from the back end, from the front end I mean, we want to validate it through a serializer, and if it is valid we want to save it to our database and send the user an email with a verification code. That's what we're going to do. Here we're going to define a variable; we call this variable serializer, which is going to be our self serializer class, and the data is going to be our user data. In this case we're going to say if serializer.is_valid; call the is_valid method. This is_valid method is going to trigger our validate method here, so we're going to define basic validations here. Once we call this is_valid here, we can set raise exception to True. Once we have that, if it's valid we want to call serializer.save; we want to save the user data to our database, then send an email. We're going to say user in this case equals the data; that's the saved data already. Here we're going to call a send email function, which we've not created, to the user email. The user email we're going to get from here, accessing the user email like this. So we're going to send that message there.

Once you send it, we want to return a response. Here we want to send the user object, and we're going to construct a message here, which is going to have the data, which is going to be our user object; then we also want to send a message; make an f-string, we can say whatever the user's name is. You can just construct your message. Okay, so that's fine. Lastly we want to send the status code; in this case we need to import status from rest_framework. Here we're going to put in the status, which is going to be ... And if for any reason the validation fails here, we also want to return another response. So that's all. We've not created the send email function; we'll create that shortly and work on the serializer validate method and also the serializer create method. So in our
app, in our account app, we're going to create urls.py. Quickly bring in the URL imports; from django.urls bring in path. Here we set the path, register. We need to also import the view, and also we need to bring this into our project urls. Now in the project urls we just quickly bring this in: slash, say version one, account app dot urls.

What we need to do now is complete our serializers; we need to create the validate method and also the create method for our serializer. Here in the validate method, what we just want to do is compare the two passwords that the user provides, because that's the only validation that we don't account for at the model level. Here we're going to get, let's say, the password one from attributes; these attributes are the incoming data that has been passed to the validate method. So an empty string; I mean the user provides the password, and password two too. We just say if password is not equal to password two, then we want to raise a validation error, and the message you want to pass is just passwords do not match. Basically that's what you want to do. Once we validate that the passwords match, you just want to return all the attributes. That's the validate.

The create is where we create the user object. At this point, where you have this, you can say user equals our User model; we need to import that; dot objects dot create, not create but create_user. In this case, normally you can just spread the dictionary object that is coming in, because the attributes are coming in as a dictionary object, but we can't do it like this, because the user is not just sending the exact data that is being inserted into the database; they are also sending an extra password, which is password two. Password two is not actually going to be inserted into our database; it's just for validation of the actual password. So what to do is just enter the data manually by setting email, which equals the validated data, and similarly for the others.
So we do that also for the first name, last name and the password. Once we pass this we have the user object created, so we just need to return the user that was created. So we return the user, and we are good to go.

What we need to do next is set up the email verification. We're going to create the utility function that will help us send this email to the user. In our account app we're going to create a .py file. In here we're going to create the function to actually generate our OTP and also the function to send an email. There are a lot of ways this OTP verification can be done. If you want an OTP that expires at a particular time, maybe one that is short-lived, you can use a package called pyotp; that package actually gives you a function to generate an OTP that expires at a particular set time. You can see that method in most applications on mobile phones. But what we just want is a very simple, lightweight email verification, so we're going to create a function that just generates a random sequence of numbers as an OTP and sends it to the user, so that the user can return that number back to us and we can actually verify that the user's email is active.

First of all we're going to import the random module from Python, and second we need to import EmailMessage from Django, so say from django.core.mail import EmailMessage. We just basically create a simple function called generate OTP, a very simple function. I just set OTP to an empty string, then basically loop; we say for i in range of six, because what we want is six numbers. We just want to build the OTP, say OTP plus equals, and we want it to be a string, so say string of random, not rand, randint, and we want it between one and nine. Then you want to return the string, say return OTP. Like I said, this is not the best way of doing this; there's a package for it called pyotp that generates an OTP for you that expires
at a particular time; you can use that package, but for simplicity's sake we just do it like this, to generate random numbers between one and nine. So this will give us a random number.

We need to create another utility function, and we call this send OTP email or send code to user. This is going to take the email of the user, and here we're going to construct the email that we want to send. Two things we're going to do: we're going to send the code to the user, and also we're going to create an OTP model. So let's quickly head to the user model; below the user model we just create another model, we call this OneTimePassword, and here this is going to have the user, which is just going to be a one-to-many, one-to-one, sorry, a one-to-one field, and we want to have the code. We just return the string representation of self first name, then passcode. We will need to make migrations, but before that we head back.

Here we're going to construct our email. We just say the subject; here we're going to say one-time passcode for email verification. We want to get the OTP code, so call the generate OTP code; this is actually going to return the OTP code for us. Once we have the OTP code we want to get the user, so we're going to say user, which equals User model objects; we're going to import that also; get, this time we want to get the user whose email equals the email that was provided; remember we passed it to this function. This gives us the user. We need to import our User model, and also the OneTimePassword model. So we have the user. Actually we can get our domain name, but you can just give it a name, my.
Here we create the email body; this will just be a simple string. You can create a simple one: say hi, user name, because we're getting the user already, and say thank you for signing up on our site, the site name; please verify your email with the one-time passcode; put the passcode here. You can construct a better message. From which email is it going to be sent? We're going to get this from settings, say settings default from email, so we have to import settings. We've not brought in our email settings; we'll bring that in shortly. Once we have our email body, we have our from email, we have the subject, then we can create the one-time password: just say OneTimePassword.objects.create, here the user and the code. This stores the generated OTP in our database. Once we do that we also want to send the email; we're going to call the EmailMessage; we pass in the parameters, then the to email; sorry, the to email needs to be a list. That's all we need to send the email. We can give this a better name; we just change it to send email, so we can say send email dot send, and set fail silently to True. So that sends our email for us.

Why are we using just this simple current site and domain for the site? Because the current site or the domain of the site is going to be our front-end domain. We can't use the back end; the back end is going to be hidden. But for now we're just going to leave it like this; that's not what we are here for. We just want to be able to send the OTP to the user. So this will actually send the OTP to the user. We call the method here, so we need to import it. We're going to import send code to user, and we have it here. We need to pass in the user email. So this is how we'll send it here. In a production case you can send this email with Celery to avoid delay; you can use Celery to actually send this. So this
will be... so that's about that. One last thing before we can actually test this out is we need to set up our email configuration. I'm going to be using Mailtrap; you can use Google, or you can use any other SMTP server that's available to you. To set up our email server we just head over to Mailtrap. Go to Mailtrap and sign up; it is a free account, a test one you can use to test your email, and if you want to actually send real emails you have to pay for it, but we're going to be using the free version, which will enable us to test our email; we'll be able to see our email messages reflected here. Once you sign up, you head over to SMTP settings; when it comes to integration you just select your platform; our platform is Django, so you see we choose Django. It will give us our email host, password and others. I just grab this now and bring it into our settings to set it up. You can't use mine; after this I'm going to actually reset my credentials. So bring it into your settings; I've already brought it into the settings and put the values in my environment file. What I added to it was just the default from email; you can set this to any dummy email that you want, it doesn't really matter, it's just for dummy testing. We set it to eo.com; this is just a dummy.

Having done this, what we need to do is just two things. We can just run migrations, and once we've run our migrations we can test our API through Postman. So run python manage.py makemigrations. This is making the migration for OneTimePassword. Then we need to migrate. Once the migration is done we can actually run our server. So run our server, and we can try out our API now, test if we can create a new user and if our email is being sent. Let's head over to Postman. I'm in Postman now, so I'm just going to test by entering the URL path and the POST request, then the body; let's just use raw, we're going to send JSON. Now we have our credentials, so let's test our API. We have our email, first name, last name,
password, and password reset, our password confirm, which is password two. Let's quickly send our POST request and hope everything works fine. If we hit send, we are getting 400, so let's quickly check and find out what the issue is. We are getting password field is required; it seems something is wrong somewhere. Let's quickly double-check. Oh, we misspelled our password two field. Then let's check if we can get our validation error, in case we mismatch the password; let's just hit send. Okay, we can see we are getting passwords do not match; that means everything's actually working fine, we are getting our validation error as we specified. Let's put in the right password now and hit send. We're still getting passwords do not match, but our passwords do match. So it seems we are still having an error; let's quickly double-check and find out what the issue is. We have a little error here; this is my fault, I misspelled password here, so that's why we are getting that error. Let's just correct the spelling here to password. That was the reason why we were having that error, so sorry about that. Let's save it and head back and just retest it with a new password. Let's hit send. It's going to take some time because it's actually sending an email. Go faster, but we're still getting an error, so let's see where the issue is coming from. It says return dictionary has no attribute first name; we are getting that from our account view.
line3 in the post request. Okay, it's talking about here. Sometimes it does work like that. Let's just... the dictionary; we can actually print out the user first name. Let's actually check where it's actually failing; it is our response here, line3; you have user, it's failing there. Let's quickly see if we have first name; it says it doesn't have first name, but let's check our email. Our email was actually sent; you can see hi John; we actually get the first name, which it complained about. We can just take this out; this doesn't really matter, but we'll see what we have in our response. It was complaining about the first name that was passed in here, so we can take this out, but we can also check what we have in our user and return the data. So let's try one more time. Our email worked fine; we are getting our passcode.

Let's try and log in another user. Let's change the email, let's say this is test user two, to maybe James. We can leave the password the same. If we send a request now, we are getting our response, so our user registration endpoint is working and we can send verification codes. If you check our mail you can see the second verification code; it was actually sent, and if you click on this you can see hi James, thanks for signing up. We're going to end this video here. In our next video we'll see how we can actually use these codes to verify our email and also how we can generate a JWT token for our user. Thank you guys for watching; don't forget to subscribe and give this video a thumbs up.
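
The OTP step described in the transcript, as an added example that is not code from the video: it draws the six digits from Python's `secrets` module rather than `random`, and adds the expiry, single use and attempt limit that the transcript's simple version leaves out. `OtpStore`, the five-minute lifetime, the attempt limit, the server key and the in-memory dict standing in for the one-time-password table are assumptions of this sketch.

```python
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass

OTP_DIGITS = 6
OTP_TTL_SECONDS = 300   # assumption: five-minute lifetime
OTP_MAX_ATTEMPTS = 5    # assumption: wrong guesses allowed per issued code


def generate_otp(digits: int = OTP_DIGITS) -> str:
    """Return `digits` decimal digits (0-9, leading zeros kept) from the OS CSPRNG."""
    return "".join(secrets.choice("0123456789") for _ in range(digits))


@dataclass
class OtpRow:
    """Stand-in for one row of a one-time-password table (one row per user)."""
    mac: bytes            # keyed hash of the code, so the code itself is not stored
    expires_at: float
    attempts_left: int


class OtpStore:
    """Hypothetical helper: issue and verify email OTPs with expiry and lockout."""

    def __init__(self, key: bytes, ttl: int = OTP_TTL_SECONDS,
                 max_attempts: int = OTP_MAX_ATTEMPTS, clock=time.time):
        self._key = key            # server-side secret, e.g. derived from SECRET_KEY
        self._ttl = ttl
        self._max_attempts = max_attempts
        self._clock = clock        # injectable so expiry can be tested
        self._rows = {}

    def _mac(self, email: str, code: str) -> bytes:
        msg = email.lower().encode() + b"\x00" + code.encode()
        return hmac.new(self._key, msg, hashlib.sha256).digest()

    def issue(self, email: str) -> str:
        """Create a fresh code for `email`, replacing any earlier one."""
        code = generate_otp()
        self._rows[email.lower()] = OtpRow(
            mac=self._mac(email, code),
            expires_at=self._clock() + self._ttl,
            attempts_left=self._max_attempts,
        )
        return code  # the caller emails this value; it is never stored in clear

    def verify(self, email: str, code: str) -> bool:
        """True only for the current, unexpired code; each code works once."""
        key = email.lower()
        row = self._rows.get(key)
        if row is None:
            return False
        if self._clock() >= row.expires_at:
            del self._rows[key]
            return False
        row.attempts_left -= 1
        ok = hmac.compare_digest(row.mac, self._mac(email, code))
        if ok or row.attempts_left <= 0:
            del self._rows[key]    # consumed, or locked out after too many guesses
        return ok


if __name__ == "__main__":
    # Constructed demo values; the address and key are placeholders.
    store = OtpStore(key=secrets.token_bytes(32))
    sent = store.issue("user@example.test")
    print("code emailed to user:", sent)
    print("first verify:", store.verify("user@example.test", sent))
    print("replay:", store.verify("user@example.test", sent))
```
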
Info
Channel: Henry Coding stack
Views: 5,209
Id: Zo2Uupw2hNg
Length: 46min 24sec (2784 seconds)
Published: Fri Oct 20 2023