
Implementing authentication in Django

Django - 1.9
Python - 3.4

To implement authentication in Django, follow these steps.

- First, complete the initial migration so that the initial tables are created in the DB.
- Create a superuser.
- Log in to the admin module using the credentials created in the step above.
- Create another user, which may or may not be an admin 'staff' member.
- Edit your URLconf file (urls.py) and add the URLs corresponding to login and logout.
 [replace appname with your app's name in the code below]

    url(r'^$', views.index, name='index'),
    url(r'^login/$', views.appname_login, name='appname_login'),
    url(r'^logout/$', views.appname_logout, name='appname_logout'), 



- Create the login, logout and index functions in your views.py file.

    from django.shortcuts import render, redirect
    from django.contrib.auth.decorators import login_required
    from django.contrib.auth import authenticate, login, logout
    from django.core.urlresolvers import reverse
    from django.utils.http import is_safe_url


    @login_required(login_url='/appname/login/')
    def index(request):
        # Only reachable by authenticated users; others are sent to the login page.
        print(request.user)  # debug output on the server console
        context = {}
        context["user"] = request.user
        return render(request, "appname/index.html", context)


    # View names match the URLconf entries (views.appname_login / views.appname_logout).
    def appname_login(request):
        context = {}
        if request.method == "GET":
            # Default target when the user opened the login page directly.
            context["next"] = request.GET.get("next", "/appname/")
            return render(request, "appname/login.html", context)
        else:
            # .get() avoids an unhandled KeyError when a field is missing.
            username = request.POST.get("username", "")
            password = request.POST.get("password", "")
            next_url = request.POST.get("next", "/appname/")
            # "next" is user-controlled: only redirect to URLs on this host.
            if not is_safe_url(url=next_url, host=request.get_host()):
                next_url = "/appname/"
            # Keep the target so a failed attempt re-renders the form with it.
            context["next"] = next_url
            user = authenticate(username=username, password=password)
            if user is not None:
                if user.is_active:
                    login(request, user)
                    return redirect(next_url)
                else:
                    context["message"] = "User is not active"
            else:
                context["message"] = "Invalid username or password"
            return render(request, "appname/login.html", context)


    @login_required(login_url='/appname/login/')
    def appname_logout(request):
        logout(request)
        url = reverse("appname:appname_login")
        return redirect(url)


- Create a login.html file in the template directory.

    <form method="post" action="{% url "appname:appname_login" %}">
        {% csrf_token %}
        <input type="text" name="next" hidden="" value="{{next}}">
        <input type="text" name="username">
        <input type="password" name="password">
        <input type="submit" name="submit" value="Log In">
    </form>
    {{message}}


- Inside your index.html file

    {% if user.is_authenticated %}
    {{user.first_name}}
    <a href="{% url "appname:appname_logout" %}">Logout</a>
    {% endif %}

- Run the Python server. Go to localhost:8000/appname/.
- In the view file you can see that the 'index' method uses the login_required decorator; if you are not logged in, then you will be redirected to the login page.
- When you are redirected to the login page from any xyz page, a URL parameter is added to the URL which tells where to redirect on successful login. Observe the URL in the address bar when you are redirected to the login page.
- Enter the username and password of the user created in a step above. Log in.
- You will be redirected to the index page. If the user is authenticated (if the user is not AnonymousUser), then the user's first name and a logout link are displayed; otherwise they are not.
- Clicking logout will log you out of the application and try to redirect to the index page, but since the index page requires login you will be redirected to the login page.
- You can print the user's full name in the index template because you have full access to the user object. Use {{user.get_full_name}} or {{user.first_name}} in the template.
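
The redirect parameter described above (next) arrives in the URL and in a hidden form field, so it is user-controlled and should be checked before it is passed to redirect. The following is an added example, not part of the original post: a stand-alone, deliberately strict check using only the standard library, where the helper name safe_next, the fallback constant and the sample values are assumptions made for illustration. In a Django 1.9 project, the framework's own is_safe_url from django.utils.http is the helper to use.

```python
from urllib.parse import urlsplit

DEFAULT_NEXT = "/appname/"  # assumed fallback, same default the login view uses


def safe_next(candidate, default=DEFAULT_NEXT):
    """Return candidate only if it is a plain path on this site, else default.

    Hypothetical helper for illustration; deliberately stricter than needed.
    """
    if not isinstance(candidate, str) or not candidate:
        return default
    # Browsers ignore some whitespace/control characters and treat "\" like "/",
    # so reject such input outright instead of trying to normalise it.
    if "\\" in candidate or any(ord(c) <= 0x20 or ord(c) == 0x7F for c in candidate):
        return default
    # Require exactly one leading slash: "//host/..." is scheme-relative.
    if not candidate.startswith("/") or candidate.startswith("//"):
        return default
    try:
        parts = urlsplit(candidate)
    except ValueError:
        return default
    if parts.scheme or parts.netloc:
        return default
    return candidate


# Constructed sample values for the "next" parameter (not taken from the post).
SAMPLES = [
    "/appname/",
    "/appname/reports/?page=2",
    "https://other.example/appname/",
    "//other.example/appname/",
    "/\\other.example/",
    "appname/",
    "",
]


def check_samples():
    """Map each sample to the URL the login view would actually redirect to."""
    return {value: safe_next(value) for value in SAMPLES}


if __name__ == "__main__":
    for value, target in check_samples().items():
        print("%-35r -> %s" % (value, target))
```

Only the first two samples are returned unchanged; every other value falls back to /appname/.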


Let me know if you face any issues in this.
