Backend DevelopmentPython TutorialStep-by-Step Guide to User Authentication with Django, Djoser, and JWT: Part I
User authentication and management are foundational features when starting a new project. Because these tasks are often repeated, various packages have been developed to streamline the process, allowing developers to focus on other aspects of their projects. One such package is Djoser, which integrates seamlessly with Django REST Framework (DRF) to handle authentication and user management. In this guide, I’ll walk you through building a full user authentication system using Djoser, including setting up email functionality and custom email templates.
Setting Up the Project
Start by creating a directory for your project:
mkdir userauth
Navigate to the new directory in your preferred IDE, set up a virtual environment and activate it
python venv .venv source .venv/bin/activate
Next, install the necessary packages:
pip install django djangorestframework djoser djangorestframework_simplejwt social-auth-app-django drf-yasg
Note: Some dependencies, such as social-auth-app-django, might be installed automatically with Djoser. If so, you can skip explicitly adding them
Once installed, generate a requirements.txt file to track your dependencies:
pip freeze > requirements.txt
You should see all the installed packages listed in the requirements.txt file, including any dependencies.
Create the Django Project and get the server running
django-admin startapp userauth .
This will create the django project. We then need to create an app inside our project
python manage.py startapp accounts
Your project directory should now contain the following:
.venv (virtual environment)
accounts/ (authentication app)
userauth/ (main project folder)
manage.py
requirements.txt
Configuring the Project
Add the required packages and apps to the INSTALLED_APPS section in settings.py:
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
# Third Party Apps
'rest_framework',
'djoser',
'rest_framework_simplejwt',
'drf_yasg',
# Local Apps
'accounts',
]
Update your settings.py to include configurations for Django REST Framework and SimpleJWT:
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework_simplejwt.authentication.JWTAuthentication',
),
}
Let's create our custom user model since
create managers.py file in the accounts folder
accounts/managers.py
from django.contrib.auth.models import BaseUserManager
class CustomUserManager(BaseUserManager):
def create_user(self, email, username, password=None, **extra_fields) -> None:
if not username:
raise ValueError("Username is required")
if not email:
raise ValueError("Email is required")
email = self.normalize_email(email)
user = self.model(email=email, username=username, **extra_fields)
user.set_password(password)
user.save()
return user
def create_superuser(self, email, username, password, **extra_fields):
"""
Create and save a SuperUser with the given email and password.
"""
extra_fields.setdefault("is_staff", True)
extra_fields.setdefault("is_superuser", True)
extra_fields.setdefault("is_active", True)
if extra_fields.get("is_staff") is not True:
raise ValueError("Superuser must have is_staff=True.")
if extra_fields.get("is_superuser") is not True:
raise ValueError("Superuser must have is_superuser=True.")
return self.create_user(email, username, password, **extra_fields)
accounts/models.py
from django.db import models
from django.contrib.auth.models import AbstractUser
from accounts.managers import CustomUserManager
class CustomUser(AbstractUser):
username = None
email = models.EmailField(unique=True)
is_verified = models.BooleanField(default=False)
USERNAME_FIELD = 'email'
REQUIRED_FIELDS = []
objects = CustomUserManager()
def __str__(self):
return self.email
Add this line in your settings.py file
AUTH_USER_MODEL = 'accounts.CustomUser'
We can go ahead to make our migrations then run the local development server
python manage.py makemigrations python manage.py migrate python manage.py runserver
There should be no issues up to this point.
Configuring Djoser URLs
Include the URLs that Djoser provides in your project’s URL patterns, along with Swagger for API documentation:
userauth/urls.py
from django.contrib import admin
from django.urls import include, path
from rest_framework import permissions
from drf_yasg.views import get_schema_view
from drf_yasg import openapi
schema_view = get_schema_view(
openapi.Info(
title="User Accounts API",
default_version="v1",
description="REST implementation of Django authentication system using Djoser",
contact=openapi.Contact(email="contact@snippets.local"),
license=openapi.License(name="BSD License"),
),
public=True,
permission_classes=(permissions.AllowAny,),
)
urlpatterns = [
path('admin/', admin.site.urls),
path('api/docs', schema_view.with_ui("swagger", cache_timeout=0), name="swagger-ui"),
path('api/', include('djoser.urls')),
path('api/', include('djoser.urls.jwt'))
]
Go to http://127.0.0.1:8000/api/docs/ in your browser to view the API documentation.
Configuring Djoser Settings
All settings that can be configured for djoser can be found here Djoser settings
userauth/settings.py
mkdir userauth
Here we are requiring users to receive an activation email. The activation url is the link sent to the user's email for them to click. The token and uid needs to be extracted and a post request sent with them as the body to the activation route in your project
Configuring Email Sending
Finally we need to configure email sending. I'll be using mailtrap for email sending. You can choose to send the email to the console or whatever email service you choose.
For sending the email to your console
python venv .venv source .venv/bin/activate
Using external mail service
pip install django djangorestframework djoser djangorestframework_simplejwt social-auth-app-django drf-yasg
Replace the placeholders with the correct credentials
To test this out, we'll use postman to test it out.
Creating a new user
Then the activation email sent to the user
Customizing Email Templates
Let's customize the email template a little
Create a template folder in the accounts directory, then create an email folder and go ahead to create template folder in there
accounts/templates/email/activation_email.py
We customize the default email that comes with djoser
pip freeze > requirements.txt
To customize the site name in the template, add this line to the djoser setting
django-admin startapp userauth .
The email template looks like this now
Extending Activation View
For the last part of this article, let work on the email verification.
We start by customizing the activation view in accounts/views.py:
accounts/views.py
python manage.py startapp accounts
We are extending the activation view on djoser to customize it and set the is_verified field on our user model to true
accounts/urls.py
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
# Third Party Apps
'rest_framework',
'djoser',
'rest_framework_simplejwt',
'drf_yasg',
# Local Apps
'accounts',
]
Urls file in the project level
userauth/urls.py
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework_simplejwt.authentication.JWTAuthentication',
),
}
To test this out create a new test user and click the activation url sent to the email.
You get to this page, because the url does not exist in our project
from the url extract the uid and token and make a post request to the activation route you defined in your accounts/urls.py file
from the screenshot, my route is ;
mkdir userauth
The uid is MTY
The token is cil456-aaf8331efb885f0b4412f35ce544648c
Using the parameters to make a post request to the activate endpoint
This concludes the tutorial for setting up user authentication with Djoser. You now have a functional authentication system with email activation and customizable templates. In the second part of this series, we’ll explore social authentication, enabling users to sign up and log in using third-party services like Google, Facebook, and GitHub. Stay tuned for more!
If you have any questions or feedback, feel free to leave a comment.
The above is the detailed content of Step-by-Step Guide to User Authentication with Django, Djoser, and JWT: Part I. For more information, please follow other related articles on the PHP Chinese website!
How Do I Use Beautiful Soup to Parse HTML?Mar 10, 2025 pm 06:54 PMThis article explains how to use Beautiful Soup, a Python library, to parse HTML. It details common methods like find(), find_all(), select(), and get_text() for data extraction, handling of diverse HTML structures and errors, and alternatives (Sel
Mathematical Modules in Python: StatisticsMar 09, 2025 am 11:40 AMPython's statistics module provides powerful data statistical analysis capabilities to help us quickly understand the overall characteristics of data, such as biostatistics and business analysis. Instead of looking at data points one by one, just look at statistics such as mean or variance to discover trends and features in the original data that may be ignored, and compare large datasets more easily and effectively. This tutorial will explain how to calculate the mean and measure the degree of dispersion of the dataset. Unless otherwise stated, all functions in this module support the calculation of the mean() function instead of simply summing the average. Floating point numbers can also be used. import random import statistics from fracti
Serialization and Deserialization of Python Objects: Part 1Mar 08, 2025 am 09:39 AMSerialization and deserialization of Python objects are key aspects of any non-trivial program. If you save something to a Python file, you do object serialization and deserialization if you read the configuration file, or if you respond to an HTTP request. In a sense, serialization and deserialization are the most boring things in the world. Who cares about all these formats and protocols? You want to persist or stream some Python objects and retrieve them in full at a later time. This is a great way to see the world on a conceptual level. However, on a practical level, the serialization scheme, format or protocol you choose may determine the speed, security, freedom of maintenance status, and other aspects of the program
How to Perform Deep Learning with TensorFlow or PyTorch?Mar 10, 2025 pm 06:52 PMThis article compares TensorFlow and PyTorch for deep learning. It details the steps involved: data preparation, model building, training, evaluation, and deployment. Key differences between the frameworks, particularly regarding computational grap
What are some popular Python libraries and their uses?Mar 21, 2025 pm 06:46 PMThe article discusses popular Python libraries like NumPy, Pandas, Matplotlib, Scikit-learn, TensorFlow, Django, Flask, and Requests, detailing their uses in scientific computing, data analysis, visualization, machine learning, web development, and H
Scraping Webpages in Python With Beautiful Soup: Search and DOM ModificationMar 08, 2025 am 10:36 AMThis tutorial builds upon the previous introduction to Beautiful Soup, focusing on DOM manipulation beyond simple tree navigation. We'll explore efficient search methods and techniques for modifying HTML structure. One common DOM search method is ex
How to Create Command-Line Interfaces (CLIs) with Python?Mar 10, 2025 pm 06:48 PMThis article guides Python developers on building command-line interfaces (CLIs). It details using libraries like typer, click, and argparse, emphasizing input/output handling, and promoting user-friendly design patterns for improved CLI usability.
Explain the purpose of virtual environments in Python.Mar 19, 2025 pm 02:27 PMThe article discusses the role of virtual environments in Python, focusing on managing project dependencies and avoiding conflicts. It details their creation, activation, and benefits in improving project management and reducing dependency issues.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
SublimeText3 English version
Recommended: Win version, supports code prompts!
DVWA
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software
mPDF
mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),
Notepad++7.3.1
Easy-to-use and free code editor
PhpStorm Mac version
The latest (2018.2.1) professional PHP integrated development tool
