HTML
JAVASCRIPT
CSS
PYTHON
SQL
JAVA
GO
REACT
NODEJS
AWS
GENERATIVE AI
AI
GIT
SWIFT
KOTLIN
TYPESCRIPT
ANGULAR
BLOCKCHAIN
CYBERSECURITY
MACHINE LEARNING
C
C PLUS
QUANTUM COMPUTING
DSA
AGENTIC AI
AZURE
GCP
VUE JS
POSTGRESQL
DJANGO

Django Authentication

Django Authentication System

Django includes a user identity system that handles signing in, registering, logging out, and permissions. It’s built into the framework and ready to use without extra setup.

What Is Authentication?

Authentication is the method of verifying someone's identity — for example, confirming a person is who they claim to be through a username and password.

Django gives you tools to:

  • Create user accounts
  • Check credentials
  • Manage sessions
  • Assign access control

Getting Started

When you run python manage.py migrate for the first time, Django automatically sets up all the database tables needed for login and account handling.

You can then generate an admin user (superuser) with:

python manage.py createsuperuser

Included Models

Django comes with a built-in model named User. This model contains common fields like:

  • username
  • email
  • password
  • first_name, last_name
  • is_staff, is_superuser

You can use this model to create and manage accounts in your own app or via the admin dashboard.

Logging In and Logging Out

Django provides default views for login and logout.

To use them, include the auth routes:

from django.contrib.auth import views as auth_views  

urlpatterns = [     
     path('login/', auth_views.LoginView.as_view(), name='login'),     
     path('logout/', auth_views.LogoutView.as_view(), name='logout'), 
]

Custom views like user sign-in and sign-out require you to supply the corresponding templates: registration/login.html and registration/logged_out.html.

Checking Who Is Logged In

Inside your views, you can check if someone is authenticated:

if request.user.is_authenticated:     
      # Show protected content 
else:     
      # Redirect or deny access

Protecting Views

Use a decorator to restrict access:

from django.contrib.auth.decorators import login_required  

@login_required  
def dashboard(request):     
      Return render(request, 'account/dashboard.html')

Only signed-in users will be allowed to visit this view.

Creating a Custom Signup Form

You can build your own registration logic:

from django.contrib.auth.models import User  

def register(request):     
      if request.method == 'POST':         
           User.objects.create_user(             
              username=request.POST['username'],             
              password=request.POST['password']        
           )        
          return redirect('login')     
    Return render(request, 'register.html')

This adds a new user to the system using Django’s default model.

Permissions and Groups

You can assign specific roles using permissions or group memberships. Examples:

  • Allow staff to edit but not delete
  • Let only admins access dashboards

These are handled using flags like:

user.is_staff 
User.has_perm('appname.change_modelname')

Summary

  • Built-in tools handle users, login, logout, and registration
  • Auth decorators limit access to private pages
  • You can build your own signup forms or use defaults
  • Permissions and groups let you control access levels

Prefer Learning by Watching?

Watch these YouTube tutorials to understand HTML Tutorial visually:

What You'll Learn:
  • 📌 Login With User Authentication - Django Wednesdays #21
  • 📌 Django Login Form and User Authentication
Previous Next