π Django β Guide 6: Authentication (Login & Logout)
This guide explains how to add user authentication (login + logout) to your Django project.
You will build a simple login form, protect pages using the @login_required decorator, and enable logout functionality.
π Note: The repository includes a sample SQLite database (
db.sqlite3) with preloaded tables and test data.
Available login credentials:
- User account:
user/demo - Admin account:
admin/root
By the end of this guide, you will be able to:
- β Create a users app for handling login + logout
- β
Add URL routes for
/users/login/and/users/logout/ - β
Implement
login_viewandlogout_view - β Create a Bootstrap login page
- β Add authentication links to the global footer
- β
Protect pages using
@login_required - β Redirect users after login/logout
- β Make everything work using your SQLite setup
π Project Structure
project_folder/
βββ manage.py
β
βββ core/
β βββ settings.py
β βββ urls.py
β
βββ apps/
β βββ users/
β β βββ apps.py
β β βββ urls.py
β β βββ views.py
β β βββ templates/users/login.html
β β
β βββ uom/
β β βββ views.py β protected with @login_required
β β βββ ...
β β
β βββ <other-apps>/
β
βββ templates/
β βββ base.html β login/logout links in footer
β
βββ db.sqlite3
βοΈ 1. Add Authentication Settings in core/settings.py
These settings control where to redirect after login and logout:
LOGIN_URL = '/users/login/'
LOGIN_REDIRECT_URL = '/'
LOGOUT_REDIRECT_URL = '/users/login/'
Also ensure your INSTALLED_APPS includes:
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'debug_toolbar',
'apps.users', # <-- our Authentication app
'apps.uom',
'apps.categories',
'apps.doctype',
'apps.items',
'apps.compute',
]
π 2. Add User Routes in core/urls.py
urlpatterns = [
path('', include('apps.uom.urls')),
path('admin/', admin.site.urls),
path('users/', include('apps.users.urls')),
path('categories/', include('apps.categories.urls')),
path('doctype/', include('apps.doctype.urls')),
path('items/', include('apps.items.urls')),
path('compute/', include('apps.compute.urls')),
]
𧩠3. Create the users App Configuration
apps/users/apps.py:
from django.apps import AppConfig
class AuthConfig(AppConfig):
default_auto_field = 'django.db.models.BigAutoField'
name = 'apps.users'
π 4. Create Authentication URLs
apps/users/urls.py:
from django.urls import path
from . import views
urlpatterns = [
path('login/', views.login_view, name='login'),
path('logout/', views.logout_view, name='logout'),
]
π§ 5. Create Authentication Views
apps/users/views.py:
from django.shortcuts import render, redirect
from django.contrib.auth import authenticate, login
from django.contrib import messages
from django.contrib.auth import logout
def login_view(request):
if request.method == "POST":
username = request.POST.get("username")
password = request.POST.get("password")
user = authenticate(request, username=username, password=password)
if user:
login(request, user)
return redirect('/') # Home page
else:
messages.error(request, "Invalid username or password")
return render(request, 'users/login.html')
def logout_view(request):
logout(request)
return redirect('login')
π¨ 6. Create the Login Page Template
apps/users/templates/users/login.html:
{% extends 'base.html' %}
{% block title %}Login{% endblock %}
{% block content %}
<div class="card shadow-lg p-4 mb-3" style="max-width: 450px; margin: 0 auto;">
<h4 class="mb-4 text-center">Login</h4>
{% if messages %}
{% for message in messages %}
<div class="alert alert-danger py-2">{{ message }}</div>
{% endfor %}
{% endif %}
<form method="POST">
{% csrf_token %}
<div class="mb-3">
<label class="form-label">Username</label>
<input type="text" name="username" class="form-control" required autofocus>
</div>
<div class="mb-3">
<label class="form-label">Password</label>
<input type="password" name="password" class="form-control" required>
</div>
<button type="submit" class="btn btn-primary w-100">Login</button>
</form>
</div>
{% endblock %}
π¦Ά 7. Add Login / Logout Links in the Footer
templates/base.html:
{% if user.is_authenticated %}
<a class="ln" href="{% url 'logout' %}">γγγγγγ¨γ</a>
{% else %}
<a class="ln" href="{% url 'login' %}">γγγγγγ</a>
{% endif %}
Users instantly see login/logout options anywhere in the project.
π 8. Protect Pages Using @login_required
Example (apps/uom/views.py):
from django.contrib.auth.decorators import login_required
@login_required
def index(request):
...
Any user who isnβt logged in is automatically redirected to:
/users/login/?next=/requested/page/
π§ͺ 9. Test the Full Authentication Flow
1οΈβ£ Visit:
http://localhost:8000/users/login/
2οΈβ£ Enter a valid Django admin user
(you can create one with python manage.py createsuperuser)
3οΈβ£ After login β Redirects to /
4οΈβ£ Logout from the footer
Everything should work exactly like Guide 5 with the same clarity and flow.
π Done! Authentication is Fully Working
You now have:
- β Login page with Bootstrap
- β Logout functionality
- β Redirects after login/logout
- β Footer showing login/logout options
- β Protected views using
@login_required - β Smooth integration with your current project
- β No migrations needed β purely Django built-in auth