Django Authentication Basics

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
all right so what I want to demonstrate in this video are the basics of using the authentication system that comes with a Django so I'll start a new project we'll call this authenticate and then I'll CD in to authenticate and I'll also create a new app I'll call this user example and I'll go ahead and add this to my sublime so I can edit the code okay so now that I have that I want to migrate so python managed table pi migrated and i also create a super user Anthony oh I have my email address and then I will add a password okay so now that I have the super user created I can go ahead and start the app and I will go to the admin page and I will log in using the user that I just created which is a super user so what I want to do is I want to allow regular users to ask themselves to my app and they will appear in this list for the users that I have on my admin dashboard so of course they won't have access to that I'm and dashboard but because there's already a system set up for handling users and Jango I can use that for regular users so what I want to do is I want to go back to authenticate and for URLs I'm going to add say path I'll put this on the route and I'll include user example dot URLs which I haven't actually created yet and then I'll also add some URLs that are given to me by Jango so I'm going to call this accounts and I'm going to include Jango docking trip dot off dot URLs so this is going to give me some URLs that I can use for a user management system and of course I need to add my user example to the installed apps and with that server should restart and include isn't included because I forgot to type it there so no user example died URLs because I need to create that file here so I'll create a URLs dot PI for user example I'll use this is the base for my URLs it's going to look very similar but it won't need to be the same exactly so I'll import path I don't eat this import from for admin and then I'll import views which I don't have any yet I'll add a blank route and I'll create an index I doesn't really do anything yet but just to add index I'll start it here okay and then in the views I will create an index and I'll also create a template so user example slash index dot HTML and then finally I need to create a template directory inside of that directory I'll create another directory called a user example which is the name of the app that I have and then I will create a new file index add a little bit of HTML the index this is the index page okay so let's see if that is all working so I'll restart my app and it looks like everything is ok so when I click on the link to go to the base URL 127.0.0.1 I get this as the index page and if you remember I added the URLs for accounts so what I see here is a list of URL that I have available so it's just telling me that I can't find the URL that I answered accounts because I don't have anything for yet but I do have these in points here so log in log out password change password change done password reset reset and reset done and accounts doesn't actually have anything here I misspoke but accounts slash something so like accounts slash login will give me another page and now it's telling me that a template doesn't exist for a login so what I'm going to do is I'm going to create that template and it should be a pretty simple template but instead of putting it in the user example directory I'm going to create a new directory under templates and I'm going to call this registration in registration I will create a new file and I will call this login I HTML because that is what Django is looking for so Django automatically will search for a template named registration slash login dot HTML anytime you go to the login in point because of the URLs that I have imported here with this include Django contribs if I didn't include that then nothing will happen when I go to this or lease it will give me an error but it would it wouldn't give me this error just tell me that it could not find it but this one is a very specific error of template does not exist so what I'm going to do is I'm going to create a very simple login form so login and it's going to pass in a form and if that form has any errors I'm simply going to say there's something wrong with what you entered I don't want to get specific on what that says because that is something that you would do in your app and then the typical example is just saying if there's a next URL you will say something like hey you can't access that page so I'll say that hey you can't access that page and then also I can say something like form method posts so now I'm creating the form for logging in so the URL for a logging in is going to be log in so just add that here and once again this is something that you don't create you don't create that view but you do have to reference the view in this URL here so use this properly you need the cross-site request forgery token and then you can start to fill out the rest of the form so the form is going to have just really two things a username and a password so formed a username form password and then I want to add a submit button and then I also have the hidden input for the next value so I don't think I'll be demonstrating the next value in the example that I'm working on here but just know next is just whatever URL they were trying to access that they don't have the ability to see it will redirect them to the login page and that next will be passed in the URL so after they log in they can be sent back to that page but when I do a full example of how the user authentication system works in Django I'll include that so I have all that let's see if I can see that when I load the page so I see here I see two fields so let me just add a label here so it's a little more clear I'll call this username and then this one is going to be password so at the closing there and then outputs a paragraph around the input okay so now if I log in with that same information that I registered with it does something I try sending me to accounts slash profile but that doesn't actually exist for me so what I want to do is I want to change the log and redirect URL and that's just a setting that I have to change in the app so I'll go to settings and at the bottom I can put this anywhere just make sure it's all caps so login underscore redirect underscore URL and I'll just put slash meaning the index so when I log in again type Anthony and then my password it sends me to the index page so as you can see I already have the ability to log in without having to do that much work now for the registration if I want to create a new user I have to do a little bit of work there but it's actually not that much so what I'm going to do is I'm going to go to the views and I'll add a second view and I'll just call this register and what I'm going to do is I'm going to import the user creation form from Django contribs I want to import user creation form and I'll instantiate it here what I'm going to do is I'm going to render this by passing requests given a template so the template doesn't exist yet but I'll create it I'll call this registration slash register and then I'm going to pass a context which I'll create right here I'm just going to take the form and send it to the template so I need to create a new file called register dot HTML and in this file I'm going to create what's necessary for registration screen so let me just add some basic HTML register and then I'll create a form so once again this is going to be a form just like the login form and the action is going to be my register view so URL and register I haven't actually put a end point for register yet so I'll do that right now I'll go back to the URLs for the user example app and now at that I'll save register use dot register and I'll call this register as the name okay so I'll go back to that simpler that I was working on and see I'll close out the form down here and in the middle of it first thing I need to add is the cross-site request forgery token if I can spell that correctly and then I will say if formed Ayers this just simply means that something went wrong trying to submit the form there are errors in the form and then in diff and then basically I can just render the form as is and I need to add an input so type submits and value is going to be register and then that should be it so with that I should have the register route working or the register endpoint so I'll go to slash register when I see this page here so this is the thing I just created just now and just to verify that what I'll do is output a header tag registration page and I'll refresh this and I see registration page here and if I create a username so new user create a password for this new user and then click the register button it will send that information to my register row of course I don't have anything in my view for register so let me go back to my views and what I want to do there is I simply want to add in the information necessary so this is going to cover two cases get in post if it's a get request just display the form if it's a post request so requests that method equals post then I'll do something slightly different so let me ask the else statement here and then what I'll do here is I will instantiate the form but I'll pass in the post data when I instantiate it so now if I say if the form is valid meaning that the data that they passed in is okay I'm going to call form dot save well-formed save does is actually creates a new user because the form is based off the user model it is going to create a new user with the data that is passed in from the form then after the user is created I want to authenticate that user so I'll create a new variable called user I'll run authenticate which I need to import from Django contribs acade I'll also import log in and authenticate I need to pass in the user name and this is going to be the username that they just created I'll create variables for this so user name password the user name is going to be form cleaned data the username and then the password is going to be similar clean data and I believe this password 1 because with this you have to verify the password so this should be password 1 this should be passport 2 I can verify this by looking at the HTML and I see yes it is password 1 as the name so I just use password 1 as the name and then I pass in the username variable and then the password variable as well and this will authenticate the user immediately after they register once they're authenticated it's going to return that user to me and I can then login with that user so the first thing I needs to pass into login is request and the second thing is user and then finally I'll redirect them to the index so what I'll do here is I'll import redirect and I'll redirect them to the index and I need to return here so just as a recap of everything that went on and because that was a little bit much so the data that gets passed since the form is going to be checked to see if it's valid so that's what the form is valid means here form dot save will actually save that information to the database thus creating a new user these two lines username and password are just getting the data that was passed in from the form clean data just means it's getting it from the validated data I have this extra line password here that was a mistake and then on line 16 it's going to then authenticate that user and Django will verify that that password is correct once it's entered into the database the password gets hashed so this authenticate function will take care of hashing the function and checking leak into the database if the authentication works fine it will return a user object I can then take that user object and log into the system using that user and I'll return them to the index so let's see what happens when I try to register again let's say new user password I'll create a password password confirmation create that it redirects me to the index what I'll do is I'll go to the admin page it says I'm authentic ated as new user but I'm not authorized to access this page that's because new user is what I'm logged in as right now and that's not an admin user but if I log in as my original admin user I can go to the users table and I'll see two rows now the first is Anthony the one that I created and the second one is the new user and of course I can update the information here or what I could have done is I could have added more to this user creation form basically you just create a forms file you create a new class you inherit this user creation form and you add the extra fields that you want and then the final thing that I'll do is I'll just show you that you can access the information inside the index so once the user is logged in I can say if user is authenticated I believe if the user is authenticated what I want to do is I want to basically show something about that user so let me just see if I spelled it right I'll thin feel like there's a missing T okay so ENDIF here so if the user is authenticated I can say something like your name where I should say this your name is user dot username closeout h2 and then else I can say you're not logged in you are not logged in okay so I have that so if I go back to the index for my app tells me that your name is Anthony if I go to whoops if I go to the account slash logout which is created formula automatically what it will do is that we Dec redirects me to this logout screen which I can modify if I change the template and then if I go to login again and I log in as new user it sends me to the index and it shows me that my name is new user so that's all I want to show you in this video it's not a complete picture of how you would integrate a user login system into your app but as you can see Jango does a lot for you so it's not too difficult to get started really for most of the endpoints that have to do with the authentication system you only have to supply a template for the register one you have to create that one yourself as you can see what I did here but it's pretty simple to do so what I'm going to do is I'm going to create a future video where it's more detail and when I do and it looks better instead of having the plain HTML but I just want to create this video just to give you an idea of how it works and really what this video you can take what I've done and you can get to the other parts of it because everything that follows from here is just basically either extending the classes that are there available for you or you could add more templates and that's pretty much it so that's all I want to say in this video if you have any questions about the authentication in Jango then just leave a comment now below and I'll answer it if you liked this video please give me a thumbs up and if you haven't subscribed to my channel already please subscribe so thank you for watching and I will talk to you next time
Info
Channel: Pretty Printed
Views: 92,863
Rating: 4.8954248 out of 5
Keywords: django authentication, authentication, django
Id: dBctY3-Z5hY
Channel Id: undefined
Length: 19min 38sec (1178 seconds)
Published: Tue Jan 16 2018
Related Videos
Custom Django User Model // DJANGO Tutorial
CodingEntrepreneurs
129K
Python Django Tutorial: Full-Featured Web App Part 7 - Login and Logout System
Corey Schafer
357K
JSON Web Tokens With Django REST Framework
Pretty Printed
80K
Using the Django LoginView
Pretty Printed
25K
Django Authentication using LDAP Users | Web Login with LDAP Users | Django Login with LDAP Users
Pavi Elex
1.7K
Django tutorial: How to authenticate using Google
JustDjango
50K
User Registration and Login Authentication | Django (3.0) Crash Course Tutorials (pt 14)
Dennis Ivy
522K
Creating Blog User Logins With Authentication - Django Blog #9
Codemy.com
21K
Creating a Custom User Model (Django)
CodingWithMitch
75K
What Is JWT and Why Should You Use JWT
Web Dev Simplified
457K
Django Tutorial for Beginners | Full Course
Telusko
1.2M
Learn JSON in 10 Minutes
Web Dev Simplified
1.4M
User Role Based Permissions & Authentication | Django (3.0) Crash Course Tutorials (pt 15)
Dennis Ivy
148K
Learn Django - Build a Custom User Model with Extended Fields
Very Academy
28K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.