NOTE: This article was initially posted on my Substack, at https://andresalvareziglesias.substack.com/
Hi everyone!
Django makes the user and session management easy. With every app, a user table is automatically generated, with a full management UI in the admin site, as we saw in previous parts of this series.
Now, we will integrate this users/session management in our game UI.
Articles in this series
Chapter 1: Let the journey start
Chapter 2: Create a containerized Django app with Gunicorn and Docker
Chapter 3: Serve Django static files with NGINX
Chapter 4: Adding a database to our stack
Chapter 5: Applications and sites
Chapter 6: Using the Django ORM
Chapter 7: Users login, logout and register
Login in or registering
We can make a simple login form like this:
As the text says, if the user does not exist yet, it will be automatically generated. While we can create a simple login form that automatically generates users on login attempts, this approach poses significant security risks. It leaves your application vulnerable to brute-force attacks, where attackers can repeatedly try different usernames and passwords to gain access. For each attempt, a new user would be created, further compromising your system. This approach should never be used in a production environment.
To develop this functionality, we need a view like this:
from django.contrib.auth import authenticate, login
from django.contrib.auth.models import User
def loginView(request):
username = request.POST.get(“username”, “”),
password = request.POST.get(“password”, “”))
# Try to log in first
user = authenticate(username=username, password=password)
if user is not None and user.is_active:
login(request, user)
return redirect(“index”)
# Validate user and password
if User.objects.filter(username=username).exists():
return redirect(“index”)
if (len(password) < 8 orpassword.find(username) != -1):
return redirect(“index”)
# The user does not exists, create now
user = User.objects.create_user(username=username, password=password)
login(request, user)
return redirect(“index”)
The relevant parts of the following view are the user login:
if user is not None and user.is_active:
login(request, user)
And the user creation (and later login):
login(request, user)
As you can see, Django simplifies user account creation, authentication, and session handling for us.
Login out
We need to allow our users to close their sessions. Considering a simple “logout” link like this:
We can develop a logout view like this:
from django.contrib.auth import logout
def logoutView(request):
logout(request)
return redirect(“index”)
As simple as that. Django handles user session termination for us. Cool!
What have we learned so far?
We have walked a long trip in our journey to learn Django. Now, we are able to:
Create a Django app
Create any number of independent or interconnected subapps inside our app
Develop an HTML/Javascript web UI with a separated Python backend
Integrate our app with a database
Manage the user session
And we have learned a few things about architecture:
Generate interconnected services with Docker
Code a docker-compose file to create all environment in an easy way
Basic usage of gunicorn to serve our Django app
Basic usage of NGINX to serve the static parts of the site (and to route gunicorn calls)
Basic usage of PostgreSQL with Timescale exension
We now have the basic resources to develop any full-stack application, from user interface to backend and data layer.
Now, it’s time to develop our Tic-Tac-Toe game. Let’s play!
About the list
Among the Python and Docker posts, I will also write about other related topics (always tech and programming topics, I promise… with the fingers crossed), like:
Software architecture
Programming environments
Linux operating system
Etc.
If you found some interesting technology, programming language or whatever, please, let me know! I’m always open to learning something new!
About the author
I’m Andrés, a full-stack software developer based in Palma, on a personal journey to improve my coding skills. I’m also a self-published fantasy writer with four published novels to my name. Feel free to ask me anything!
