Django Authentication and Authorization Guide

Login Functionality

from django.contrib.auth import authenticate, login as auth_login, logout as auth_logout
from django.contrib.auth.decorators import login_required
from django.contrib import messages
from django.shortcuts import render, redirect

def login(request):
    if(request.method == "POST"):
        username = request.POST.get('username','').rstrip()
        password = request.POST.get('password','').rstrip()
        user = authenticate(request, username=username, password=password)
        if(user is not None):
            auth_login(request, user)
            return redirect('/basic/dashboard')
        else:
            messages.error(request, "Invalid credentials")
    return render(request, 'basic/login.html')

Dashboard View (Login Required)

@login_required
def dashboard(request):
    return render(request, 'basic/dashboard.html')

Using Pagination in Django

from django.core.paginator import Paginator
from django.contrib.auth.models import User

@login_required
def users(request):
    all_users = User.objects.all().order_by('id')  
    paginator = Paginator(all_users, 10)  # Show 10 users per page
    page_number = request.GET.get('page')
    page_obj = paginator.get_page(page_number)
    return render(request, 'basic/users.html', {'page_obj': page_obj})

Template Example

<h2>All Users</h2>

<ul>
  {% for user in page_obj %}
    <li>{{ user.username }} - {{ user.email }}</li>
  {% empty %}
    <li>No users found.</li>
  {% endfor %}
</ul>

<div class="pagination">
  {% if page_obj.has_previous %}
    <a href="?page=1">« First</a>
    <a href="?page={{ page_obj.previous_page_number }}">Previous</a>
  {% endif %}

  <span>Page {{ page_obj.number }} of {{ page_obj.paginator.num_pages }}</span>

  {% if page_obj.has_next %}
    <a href="?page={{ page_obj.next_page_number }}">Next</a>
    <a href="?page={{ page_obj.paginator.num_pages }}">Last »</a>
  {% endif %}
</div>

Restricting Views to Admin Only

from django.contrib.auth.decorators import user_passes_test

def is_admin(user):
    return user.is_superuser

@user_passes_test(is_admin)
def admin_only_view(request):
    # Your view code here
    return render(request, 'admin_view.html')

Create a Superuser for Admin Access

python manage.py createsuperuser

This command creates a superuser account that can access the Django admin panel and all admin-only views.

Django Authentication and Authorization Guide

Login Functionality

Dashboard View (Login Required)

Using Pagination in Django

Template Example

Restricting Views to Admin Only

Create a Superuser for Admin Access

In this category