django.contrib.auth

# django_project/settings.py
INSTALLED_APPS = [
    "django.contrib.admin",
    "django.contrib.auth", # Yoohoo!!!!
    "django.contrib.contenttypes",
    "django.contrib.sessions",
    "django.contrib.messages",
    "django.contrib.staticfiles",
    # Local
    "accounts.apps.AccountsConfig",
    "pages.apps.PagesConfig",
]

There are, in fact, 6 apps already there that Django provides for us which power the site. The first is admin and the second is auth. This is how we know the auth app is already present in our Django project.

When we earlier ran the migrate command for the first time all of these apps were linked together in the initial database. And remember that we used the AUTH_USER_MODEL setting to tell Django to use our custom user model, not the default User model here. This is why we had to wait until that configuration was complete before running migrate for the first time.

Auth URLs and Views

To use Django’s built-in auth app we must explicitly add it to our config/urls.py file. The easiest approach is to use accounts/ as the prefix since that is commonly used in the Django community.

Make the one line change below. Note that as our urls.py file grows in length, adding comments for each type of URL–admin, user management, local apps, etc.–helps with readability.

# django_project/urls.py
from django.contrib import admin
from django.urls import path, include

urlpatterns = [
    # Django admin
    path("admin/", admin.site.urls),
    # User management
    path("accounts/", include("django.contrib.auth.urls")),
    # new
    # Local apps
    path("", include("pages.urls")),
]

What’s included in the auth app? A lot it turns out. First off, there are a number of associated urls.

accounts/login/ [name="login"]
accounts/logout/ [name="logout"]
accounts/password_change/ [name="password_change"]
accounts/password_change/done/ [name="password_change_done"]
accounts/password_reset/ [name="password_reset"]
accounts/password_reset/done/ [name="password_reset_done"]
accounts/reset/<uidb64>/<token>/ [name="password_reset_confirm"]
accounts/reset/done/ [name="password_reset_complete"]

---

Authentication Views

Django provides several views that you can use for handling login, logout, and password management.

Django provides no default template for the authentication views. You should create your own templates for the views you want to use. The template context is documented in each view, see All authentication views.

Using the views

There are different methods to implement these views in your project. The easiest way is to include the provided URLconf in django.contrib.auth.urls in your own **URLconf, for example:

urlpatterns = [
    path("accounts/", include("django.contrib.auth.urls")),
]

This will include the following URL patterns:

accounts/login/ [name='login']
accounts/logout/ [name='logout']
accounts/password_change/ [name='password_change']
accounts/password_change/done/ [name='password_change_done']
accounts/password_reset/ [name='password_reset']
accounts/password_reset/done/ [name='password_reset_done']
accounts/reset/<uidb64>/<token>/ [name='password_reset_confirm']
accounts/reset/done/ [name='password_reset_complete']

---

Create Templates for Authentication Views

Django's authentication views use specific template names. You need to create these templates in your project. For example, create the following templates:

Example

registration/login.html
registration/logged_out.html
registration/password_change_form.html
registration/password_change_done.html
registration/password_reset_form.html
registration/password_reset_done.html
registration/password_reset_confirm.html
registration/password_reset_complete.html

login.htmlviews.pyurls.pysettings.py

Here's an example of a simple login.html template:

<!-- templates/registration/login.html -->
<!DOCTYPE html>
<html>
<head>
    <title>Login</title>
</head>
<body>
    <h2>Login</h2>
    <form method="post">
        {% csrf_token %}
        {{ form.as_p }}
        <button type="submit">Login</button>
    </form>
</body>
</html>

Update Views in Your App

If you want to extend the functionality or customize the behavior of the authentication views, you can create custom views in your app and update the URL configuration accordingly.

For example, you can create a custom login view in myapp/views.py:

# myapp/views.py
from django.contrib.auth.views import LoginView

class CustomLoginView(LoginView):
    template_name = 'registration/login.html'

And update the URL configuration to use this custom view:

# myapp/urls.py
from django.urls import path
from .views import CustomLoginView

urlpatterns = [
    path('login/', CustomLoginView.as_view(), name='login'),
    # Other URL patterns for your app
]

# myproject/settings.py
LOGIN_REDIRECT_URL = '/'
LOGOUT_REDIRECT_URL = '/accounts/login/'

---

Question

In Django, django.contrib.auth.views and django.views are modules that provide various functionalities related to authentication and generic views, respectively.

django.contrib.auth.viewsdjango.views

The django.contrib.auth.views module specifically deals with authentication-related views and functionalities. Here are some key components it provides:

1. Login and Logout Views:

   • LoginView: Allows users to log in to the site.
   • LogoutView: Allows users to log out from the site.

2. Password Management:

   • PasswordChangeView: Allows users to change their password.
   • PasswordChangeDoneView: Confirmation view after a password change.
   • PasswordResetView: Allows users to request a password reset.
   • PasswordResetDoneView, PasswordResetConfirmView, PasswordResetCompleteView: Views for handling password reset flow.

3. User Management:

   • UserCreationForm, UserChangeForm: Forms for creating and changing user accounts.
   • UserDetailView: View for displaying user details.

4. Permissions and Authorization:

   • Views and forms related to permissions and authorization checks.

---

These views and functionalities provided by django.contrib.auth.views help developers quickly implement common authentication-related features in their Django applications.

On the other hand, django.views is a module that provides generic views for handling common web development patterns. Some of the generic views provided by django.views include:

• View: The base class for all views. It handles HTTP request processing.
• TemplateView: Renders a given template, with the context passed through.
• RedirectView: Redirects to a specified URL.
• ListView: Renders a list of objects from a queryset.
• DetailView: Renders the details of a single object from a queryset.

These generic views simplify the implementation of common tasks in Django web development, such as rendering data from models, handling redirects, or displaying static templates.

---

Summary

• django.contrib.auth.views: Deals with authentication-related views and functionalities like login, logout, password management, and user management.
• django.views: Provides generic views for handling common web development patterns such as rendering templates, handling redirects, and displaying lists or details of objects.

Both modules are essential in Django development, offering convenient abstractions and utilities to streamline the creation of robust web applications.

---

Reference

• Django for Professionals by William S. Vincent
• Authentication Views
• learndjango auth
• Django Authentication
• Django auth: official