A Python journey to Full-Stack

Share this post

A Python journey to Full-Stack
A Python journey to Full-Stack
Django 7 - Users login, logout and register
Copy link
Facebook
Email
Notes
More

Django 7 - Users login, logout and register

Building a Multiplayer Tic Tac Toe with Python, Docker, and AI

Andrés Álvarez Iglesias
Apr 09, 2024
1

Share this post

A Python journey to Full-Stack
A Python journey to Full-Stack
Django 7 - Users login, logout and register
Copy link
Facebook
Email
Notes
More
2
Share

Hi everyone!

Django makes the user and session management easy. With every app, a user table is automatically generated, with a full management UI in the admin site, as we saw in previous parts of this series.

Now, we will integrate this users/session management in our game UI.

Articles in this series

  • Chapter 1: Let the journey start

  • Chapter 2: Create a containerized Django app with Gunicorn and Docker

  • Chapter 3: Serve Django static files with NGINX

  • Chapter 4: Adding a database to our stack

  • Chapter 5: Applications and sites

  • Chapter 6: Using the Django ORM

Login in or registering

We can make a simple login form like this:

As the text says, if the user does not exist yet, it will be automatically generated. While we can create a simple login form that automatically generates users on login attempts, this approach poses significant security risks. It leaves your application vulnerable to brute-force attacks, where attackers can repeatedly try different usernames and passwords to gain access. For each attempt, a new user would be created, further compromising your system.  This approach should never be used in a production environment.

To develop this functionality, we need a view like this:

from django.shortcuts import redirect
from django.contrib.auth import authenticate, login
from django.contrib.auth.models import User

def loginView(request):
   username = request.POST.get("username", ""),    
   password = request.POST.get("password", ""))

   # Try to log in first
   user = authenticate(username=username, password=password)
   if user is not None and user.is_active:
       login(request, user)
       return redirect("index")

   # Validate user and password
   if User.objects.filter(username=username).exists():
       return redirect("index")

   if (len(password) < 8 orpassword.find(username) != -1):
       return redirect("index")

   # The user does not exists, create now
   user = User.objects.create_user(username=username, password=password)
   login(request, user)
   return redirect("index")

The relevant parts of the following view are the user login:

user = authenticate(username=username, password=password)
if user is not None and user.is_active:
    login(request, user)

And the user creation (and later login):

user = User.objects.create_user(username=username, password=password)
login(request, user)

As you can see, Django simplifies user account creation, authentication, and session handling for us. 

Login out

We need to allow our users to close their sessions. Considering a simple "logout" link like this:

We can develop a logout view like this:

from django.shortcuts import redirect
from django.contrib.auth import logout

def logoutView(request):
   logout(request)
   return redirect("index")

As simple as that. Django handles user session termination for us. Cool!

What have we learned so far?

We have walked a long trip in our journey to learn Django. Now, we are able to:

  • Create a Django app

  • Create any number of independent or interconnected subapps inside our app

  • Develop an HTML/Javascript web UI with a separated Python backend

  • Integrate our app with a database

  • Manage the user session

And we have learned a few things about architecture:

  • Generate interconnected services with Docker

  • Code a docker-compose file to create all environment in an easy way

  • Basic usage of gunicorn to serve our Django app

  • Basic usage of NGINX to serve the static parts of the site (and to route gunicorn calls)

  • Basic usage of PostgreSQL with Timescale exension

We now have the basic resources to develop any full-stack application, from user interface to backend and data layer.

Now, it's time to develop our Tic-Tac-Toe game. Let's play!

About the list

Among the Python and Docker posts, I will also write about other related topics (always tech and programming topics, I promise... with the fingers crossed), like:

  • Software architecture

  • Programming environments

  • Linux operating system

  • Etc.

If you found some interesting technology, programming language or whatever, please, let me know! I'm always open to learning something new!

Leave a comment

About the author

I'm Andrés, a full-stack software developer based in Palma, on a personal journey to improve my coding skills. I'm also a self-published fantasy writer with four published novels to my name. Feel free to ask me anything!

1

Share this post

A Python journey to Full-Stack
A Python journey to Full-Stack
Django 7 - Users login, logout and register
Copy link
Facebook
Email
Notes
More
2
Share

Discussion about this post

No posts

Ready for more?

© 2025 Andrés Álvarez Iglesias
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great culture

Share

Copy link
Facebook
Email
Notes
More