#100DaysOfWeb in Python Transcripts
Chapter: Days 53-56: Django part 2 - registration and login
Lecture: The structure of this 4 day module
0:01 So we made a cool quotes app in the Django one lesson there's one issue though. Anybody can add quotes to our app, no signup or login required.
0:14 No users are associated with the quotes that are being added, and again anybody can edit everything. We don't want to re-invent the wheel
0:25 so I'm going to use Django registration 3.0 to add a registration system to the app and use Djangos authentication system alongside it.
0:39 3.0 was just released, I'm recording this in October 2018, this blog post, announcing the upgrade is from September, so just last month.
0:50 And for those that have been using Django registration there's a nice upgrade document on the documentation site
0:58 and there are some major changes, for example the template directory was renamed from registration, to django_registration.
1:07 It's actually interesting, some of the changes the author had to make, were related to Djangos more modern way of writing class based views
1:16 so it's worth reading this upgrade guide especially this blog post. And to make the sign up process more secure
1:26 I'm going to teach you two step activation work flow, and what's cool about it is, it sends an an activation link by e-mail,that the user has to
1:35 click on before the account gets created. For that we need some e-mailing as well I'm going to set you up with SendGrid to make that work.
1:45 So the the for four days, is a bit lighter than last time, so I take two days for you to watch the videos, it will be approximately
1:54 thirty minutes a day, and I left a little bit of space there, because Django part one came out almost at ninety minutes of video content
2:03 and that's not even including the practice session you probably had building your first app. So there's a bit of leeway, if your going through these
2:11 videos fast, that's good. You might want to have a bit of catch up on Django one, and then day three and four is
2:18 really to practice yourself, so you can check out the quotes app, your starter code, and follow my steps. But it might be more interesting to pick up
2:28 the app you built in the first lesson, so on days 45 to 48 and try to add Django registration to your own app.
2:39 'Cause then, your app will be more serious with users having to log in in proper session management. And here are a sneak preview of what we're
2:48 going to build, so we will have a registration end point. Where somebody can sign up with username e-mail and a password, that triggers an e-mail
3:00 with an activation link and again, SendGrid will handle the e-mailing behind the scenes, it's pretty nice
3:07 we only have to set up an account with SendGrid and add some configuration parameters to Django settings at Python, and it'll work out of the box.
3:17 Which is nice. Then when the user clicks activation URL they get a complete end point, or confirmation and then the account got created.
3:28 So then the user will use the login end point and there's even a password reset functionality. So you can enter an e-mail, and that then sends
3:38 a reset link to your e-mail. Lastly we have to update the quotes app to actually associate quotes with users.
3:47 So no more anonymous quotes, every quote that gets added gets the user added to the quotes model. So we have make the foreign key relation
3:56 from the quotes model to the user model. And as you see I'm logged in here as well and I can only edit that last quote
4:04 because, that's mine. I cannot edit the others, and if I log in as Brian. Another user I made, I can only edit his quotes.
4:14 So we have some nice data protection there, going on. And of course we have to make sure that we code that properly in the views in the quotes app.
4:22 And that means, of course, that if we hit a quote that's not one of ours, we get a 404. Steps to get there, we need to install Django registration
4:32 we have to add some configuration to our settings at Py. We have to add new routes to our URL.s at Py.
4:41 We have migrate the new model that comes with the plug in. We have facilitate the required templates. We're going to add a login and logout link to
4:51 the header of the website. We're going to set up a SendGrid account and add the corresponding e-mail configuration to settings of Py.
4:59 We're going to edit the quotes app to encapsulate the user data, making sure users can only edit their own data.
5:07 And lastly we're going to protect the editable views using Djangos login required decorator. All right, lets dive straight in