#100DaysOfWeb in Python Transcripts
Chapter: Days 53-56: Django part 2 - registration and login
Lecture: The structure of this 4 day module
0:01 So we made a cool quotes app in the Django one lesson
0:06 there's one issue though.
0:07 Anybody can add quotes to our app, no signup or
0:11 login required.
0:13 No users are associated with the quotes
0:16 that are being added, and again anybody can edit everything.
0:21 We don't want to re-invent the wheel
0:24 so I'm going to use Django registration 3.0
0:29 to add a registration system to the app
0:33 and use Djangos authentication system alongside it.
0:38 3.0 was just released, I'm recording this in
0:41 October 2018, this blog post, announcing
0:45 the upgrade is from September, so just last month.
0:49 And for those that have been using Django registration
0:52 there's a nice upgrade document on the documentation site
0:57 and there are some major changes, for example
0:59 the template directory was renamed
1:02 from registration, to django_registration.
1:06 It's actually interesting, some of the changes
1:08 the author had to make, were related to
1:11 Djangos more modern way of writing class based views
1:15 so it's worth reading this upgrade guide
1:18 especially this blog post.
1:22 And to make the sign up process more secure
1:25 I'm going to teach you two step activation
1:27 work flow, and what's cool about it is, it sends an
1:31 an activation link by e-mail,that the user has to
1:34 click on before the account gets created.
1:38 For that we need some e-mailing as well
1:40 I'm going to set you up with SendGrid to make that work.
1:44 So the the for four days, is a bit lighter than
1:48 last time, so I take two days for you
1:50 to watch the videos, it will be approximately
1:53 thirty minutes a day, and I left a little bit
1:56 of space there, because Django part one
1:59 came out almost at ninety minutes of video content
2:02 and that's not even including the practice session
2:04 you probably had building your first app.
2:07 So there's a bit of leeway, if your going through these
2:10 videos fast, that's good.
2:12 You might want to have a bit of catch up
2:14 on Django one, and then day three and four is
2:17 really to practice yourself, so you can check out
2:20 the quotes app, your starter code, and follow my steps.
2:25 But it might be more interesting to pick up
2:27 the app you built in the first lesson, so on days 45 to 48
2:33 and try to add Django registration to your own app.
2:38 'Cause then, your app will be more serious
2:40 with users having to log in
2:42 in proper session management.
2:46 And here are a sneak preview of what we're
2:47 going to build, so we will have a registration end point.
2:52 Where somebody can sign up with username
2:54 e-mail and a password, that triggers an e-mail
2:59 with an activation link
3:02 and again, SendGrid will handle the e-mailing
3:04 behind the scenes, it's pretty nice
3:06 we only have to set up an account with SendGrid
3:09 and add some configuration parameters
3:11 to Django settings at Python, and it'll work out of the box.
3:16 Which is nice.
3:17 Then when the user clicks activation URL they
3:20 get a complete end point, or confirmation
3:23 and then the account got created.
3:27 So then the user will use the login end point
3:31 and there's even a password reset functionality.
3:34 So you can enter an e-mail, and that then sends
3:37 a reset link to your e-mail.
3:41 Lastly we have to update the quotes app
3:43 to actually associate quotes with users.
3:46 So no more anonymous quotes, every quote that gets added
3:50 gets the user added to the quotes model.
3:53 So we have make the foreign key relation
3:55 from the quotes model to the user model.
3:58 And as you see I'm logged in here as well
4:00 and I can only edit that last quote
4:03 because, that's mine. I cannot edit the others, and if I log in as Brian.
4:07 Another user I made, I can only edit his quotes.
4:13 So we have some nice data protection there, going on.
4:16 And of course we have to make sure that we code
4:18 that properly in the views in the quotes app.
4:21 And that means, of course, that if we hit a quote
4:23 that's not one of ours, we get a 404.
4:27 Steps to get there, we need to install Django registration
4:31 we have to add some configuration to our settings at Py.
4:35 We have to add new routes to our URL.s at Py.
4:40 We have migrate the new model that comes with the plug in.
4:44 We have facilitate the required templates.
4:47 We're going to add a login and logout link to
4:50 the header of the website.
4:52 We're going to set up a SendGrid account and add
4:54 the corresponding e-mail configuration to settings of Py.
4:58 We're going to edit the quotes app
5:01 to encapsulate the user data, making sure users can
5:04 only edit their own data.
5:06 And lastly we're going to protect the editable views
5:10 using Djangos login required decorator.
5:13 All right, lets dive straight in