Django comes with a built-in authentication framework that can handle user authentication, sessions, permissions, and user groups. The authentication system includes views for common user actions
such as login, logout, password change, and password reset. The authentication framework is located at django.contrib.auth and is used by other Django contrib packages.
When we create a new Django project using the startproject command, the authentication framework is included in the default settings of our project. It consists of the django.contrib.auth application and the following two middleware classes found in the MIDDLEWARE setting of our project:
Django provides the following class-based views to deal with authentication. All of them are located in django.contrib.auth.views:
Django provides the following views to handle password changes:
such as login, logout, password change, and password reset. The authentication framework is located at django.contrib.auth and is used by other Django contrib packages.
When we create a new Django project using the startproject command, the authentication framework is included in the default settings of our project. It consists of the django.contrib.auth application and the following two middleware classes found in the MIDDLEWARE setting of our project:
- AuthenticationMiddleware: Associates users with requests using sessions
- SessionMiddleware: Handles the current session across requests
- User: A user model with basic fields; the main fields of this model are username, password, email, first_name, last_name, and is_active
- Group: A group model to categorize users
- Permission: Flags for users or groups to perform certain actions
Django provides the following class-based views to deal with authentication. All of them are located in django.contrib.auth.views:
- LoginView: Handles a login form and logs in a user
LogoutView: Logs out a user
Django provides the following views to handle password changes:
- PasswordChangeView: Handles a form to change the user password
- PasswordChangeDoneView: The success view the user is redirected to after a successful password change
- PasswordResetView: Allows users to reset their password. It generates a one-time use link with a token and sends it to the user's email account.
- PasswordResetDoneView: Tells users that an email—including a link to reset their password—has been sent to them.
PasswordResetConfirmView: Allows users to set a new password.
PasswordResetCompleteView: The success view the user is redirected to after successfully resetting the password.
0 comments:
Post a Comment