├── README.md
├── backend
├── .DS_Store
├── backend
│ ├── __init__.py
│ ├── __pycache__
│ │ ├── __init__.cpython-312.pyc
│ │ ├── settings.cpython-312.pyc
│ │ ├── urls.cpython-312.pyc
│ │ └── wsgi.cpython-312.pyc
│ ├── asgi.py
│ ├── settings.py
│ ├── urls.py
│ └── wsgi.py
├── base
│ ├── .DS_Store
│ ├── __init__.py
│ ├── __pycache__
│ │ ├── __init__.cpython-312.pyc
│ │ ├── admin.cpython-312.pyc
│ │ ├── apps.cpython-312.pyc
│ │ ├── authentication.cpython-312.pyc
│ │ ├── models.cpython-312.pyc
│ │ ├── serializers.cpython-312.pyc
│ │ ├── urls.cpython-312.pyc
│ │ └── views.cpython-312.pyc
│ ├── admin.py
│ ├── apps.py
│ ├── authentication.py
│ ├── migrations
│ │ ├── 0001_initial.py
│ │ ├── __init__.py
│ │ └── __pycache__
│ │ │ ├── 0001_initial.cpython-312.pyc
│ │ │ └── __init__.cpython-312.pyc
│ ├── models.py
│ ├── serializers.py
│ ├── tests.py
│ ├── urls.py
│ └── views.py
├── db.sqlite3
└── manage.py
└── frontend
├── .gitignore
├── README.md
├── package-lock.json
├── package.json
├── public
├── favicon.ico
├── index.html
├── logo192.png
├── logo512.png
├── manifest.json
└── robots.txt
└── src
├── App.css
├── App.js
├── App.test.js
├── api
└── endpoints.js
├── components
├── layout.js
└── private_route.js
├── context
└── useAuth.js
├── index.css
├── index.js
├── logo.svg
├── reportWebVitals.js
├── routes
├── login.js
├── menu.js
└── register.js
└── setupTests.js
/README.md:
--------------------------------------------------------------------------------
1 | **Django and React Secure Authentication**
2 |
3 | Check out the youtube tutorial at https://www.youtube.com/watch?v=KVzGiRp_XU8
4 |
--------------------------------------------------------------------------------
/backend/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sgmselli/Django-React-Authentication/df3706e8b5ff236b4c9405de57c96a9cc840b8b4/backend/.DS_Store
--------------------------------------------------------------------------------
/backend/backend/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sgmselli/Django-React-Authentication/df3706e8b5ff236b4c9405de57c96a9cc840b8b4/backend/backend/__init__.py
--------------------------------------------------------------------------------
/backend/backend/__pycache__/__init__.cpython-312.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sgmselli/Django-React-Authentication/df3706e8b5ff236b4c9405de57c96a9cc840b8b4/backend/backend/__pycache__/__init__.cpython-312.pyc
--------------------------------------------------------------------------------
/backend/backend/__pycache__/settings.cpython-312.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sgmselli/Django-React-Authentication/df3706e8b5ff236b4c9405de57c96a9cc840b8b4/backend/backend/__pycache__/settings.cpython-312.pyc
--------------------------------------------------------------------------------
/backend/backend/__pycache__/urls.cpython-312.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sgmselli/Django-React-Authentication/df3706e8b5ff236b4c9405de57c96a9cc840b8b4/backend/backend/__pycache__/urls.cpython-312.pyc
--------------------------------------------------------------------------------
/backend/backend/__pycache__/wsgi.cpython-312.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sgmselli/Django-React-Authentication/df3706e8b5ff236b4c9405de57c96a9cc840b8b4/backend/backend/__pycache__/wsgi.cpython-312.pyc
--------------------------------------------------------------------------------
/backend/backend/asgi.py:
--------------------------------------------------------------------------------
1 | """
2 | ASGI config for backend project.
3 |
4 | It exposes the ASGI callable as a module-level variable named ``application``.
5 |
6 | For more information on this file, see
7 | https://docs.djangoproject.com/en/5.0/howto/deployment/asgi/
8 | """
9 |
10 | import os
11 |
12 | from django.core.asgi import get_asgi_application
13 |
14 | os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'backend.settings')
15 |
16 | application = get_asgi_application()
17 |
--------------------------------------------------------------------------------
/backend/backend/settings.py:
--------------------------------------------------------------------------------
1 | """
2 | Django settings for backend project.
3 |
4 | Generated by 'django-admin startproject' using Django 5.0.7.
5 |
6 | For more information on this file, see
7 | https://docs.djangoproject.com/en/5.0/topics/settings/
8 |
9 | For the full list of settings and their values, see
10 | https://docs.djangoproject.com/en/5.0/ref/settings/
11 | """
12 |
13 | from pathlib import Path
14 | from datetime import timedelta
15 |
16 | # Build paths inside the project like this: BASE_DIR / 'subdir'.
17 | BASE_DIR = Path(__file__).resolve().parent.parent
18 |
19 |
20 | # Quick-start development settings - unsuitable for production
21 | # See https://docs.djangoproject.com/en/5.0/howto/deployment/checklist/
22 |
23 | # SECURITY WARNING: keep the secret key used in production secret!
24 | SECRET_KEY = 'django-insecure-9)-@hez*pss!^*8n(y82w#drm5%^vbsyr+b$+b03!e7yb5!lg9'
25 |
26 | # SECURITY WARNING: don't run with debug turned on in production!
27 | DEBUG = True
28 |
29 | ALLOWED_HOSTS = []
30 |
31 |
32 | # Application definition
33 |
34 | INSTALLED_APPS = [
35 | 'django.contrib.admin',
36 | 'django.contrib.auth',
37 | 'django.contrib.contenttypes',
38 | 'django.contrib.sessions',
39 | 'django.contrib.messages',
40 | 'django.contrib.staticfiles',
41 | #add installations here
42 | "corsheaders",
43 | 'rest_framework',
44 | 'rest_framework_simplejwt',
45 | 'rest_framework_simplejwt.token_blacklist',
46 | 'base'
47 | ]
48 |
49 | MIDDLEWARE = [
50 | 'django.middleware.security.SecurityMiddleware',
51 | 'django.contrib.sessions.middleware.SessionMiddleware',
52 | "corsheaders.middleware.CorsMiddleware",
53 | 'django.middleware.common.CommonMiddleware',
54 | 'django.middleware.csrf.CsrfViewMiddleware',
55 | 'django.contrib.auth.middleware.AuthenticationMiddleware',
56 | 'django.contrib.messages.middleware.MessageMiddleware',
57 | 'django.middleware.clickjacking.XFrameOptionsMiddleware',
58 | ]
59 |
60 | CORS_ALLOWED_ORIGINS = [
61 | "http://localhost:3000"
62 | ]
63 |
64 | CORS_ALLOW_CREDENTIALS = True
65 |
66 | REST_FRAMEWORK = {
67 | 'DEFAULT_AUTHENTICATION_CLASSES': (
68 | 'base.authentication.CookiesJWTAuthentication',
69 | ),
70 | 'DEFAULT_PERMISSION_CLASSES': [
71 | 'rest_framework.permissions.IsAuthenticated',
72 | ]
73 | }
74 |
75 | SIMPLE_JWT = {
76 | "ACCESS_TOKEN_LIFETIME": timedelta(minutes=5),
77 | "REFRESH_TOKEN_LIFETIME": timedelta(days=1),
78 | "ROTATE_REFRESH_TOKENS": False,
79 | "BLACKLIST_AFTER_ROTATION": False,
80 | "UPDATE_LAST_LOGIN": False,
81 |
82 | 'AUTH_COOKIE': 'access_token', # Cookie name for the access token
83 | 'AUTH_COOKIE_REFRESH': 'refresh_token', # Cookie name for the refresh token
84 | 'AUTH_COOKIE_SECURE': False, # Set to True if using HTTPS
85 | 'AUTH_COOKIE_HTTP_ONLY': True, # Make the cookie HTTP only
86 | 'AUTH_COOKIE_PATH': '/', # Root path for the cookie
87 | 'AUTH_COOKIE_SAMESITE': 'Lax', # Adjust according to your needs
88 |
89 | }
90 |
91 | CSRF_COOKIE_SECURE = False
92 | SESSION_COOKIE_SECURE = False
93 |
94 | ROOT_URLCONF = 'backend.urls'
95 |
96 | TEMPLATES = [
97 | {
98 | 'BACKEND': 'django.template.backends.django.DjangoTemplates',
99 | 'DIRS': [],
100 | 'APP_DIRS': True,
101 | 'OPTIONS': {
102 | 'context_processors': [
103 | 'django.template.context_processors.debug',
104 | 'django.template.context_processors.request',
105 | 'django.contrib.auth.context_processors.auth',
106 | 'django.contrib.messages.context_processors.messages',
107 | ],
108 | },
109 | },
110 | ]
111 |
112 | WSGI_APPLICATION = 'backend.wsgi.application'
113 |
114 |
115 | # Database
116 | # https://docs.djangoproject.com/en/5.0/ref/settings/#databases
117 |
118 | DATABASES = {
119 | 'default': {
120 | 'ENGINE': 'django.db.backends.sqlite3',
121 | 'NAME': BASE_DIR / 'db.sqlite3',
122 | }
123 | }
124 |
125 |
126 | # Password validation
127 | # https://docs.djangoproject.com/en/5.0/ref/settings/#auth-password-validators
128 |
129 | AUTH_PASSWORD_VALIDATORS = [
130 | {
131 | 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
132 | },
133 | {
134 | 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
135 | },
136 | {
137 | 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
138 | },
139 | {
140 | 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
141 | },
142 | ]
143 |
144 |
145 | # Internationalization
146 | # https://docs.djangoproject.com/en/5.0/topics/i18n/
147 |
148 | LANGUAGE_CODE = 'en-us'
149 |
150 | TIME_ZONE = 'UTC'
151 |
152 | USE_I18N = True
153 |
154 | USE_TZ = True
155 |
156 |
157 | # Static files (CSS, JavaScript, Images)
158 | # https://docs.djangoproject.com/en/5.0/howto/static-files/
159 |
160 | STATIC_URL = 'static/'
161 |
162 | # Default primary key field type
163 | # https://docs.djangoproject.com/en/5.0/ref/settings/#default-auto-field
164 |
165 | DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
166 |
--------------------------------------------------------------------------------
/backend/backend/urls.py:
--------------------------------------------------------------------------------
1 | """
2 | URL configuration for backend project.
3 |
4 | The `urlpatterns` list routes URLs to views. For more information please see:
5 | https://docs.djangoproject.com/en/5.0/topics/http/urls/
6 | Examples:
7 | Function views
8 | 1. Add an import: from my_app import views
9 | 2. Add a URL to urlpatterns: path('', views.home, name='home')
10 | Class-based views
11 | 1. Add an import: from other_app.views import Home
12 | 2. Add a URL to urlpatterns: path('', Home.as_view(), name='home')
13 | Including another URLconf
14 | 1. Import the include() function: from django.urls import include, path
15 | 2. Add a URL to urlpatterns: path('blog/', include('blog.urls'))
16 | """
17 | from django.contrib import admin
18 | from django.urls import path, include
19 |
20 | urlpatterns = [
21 | path('admin/', admin.site.urls),
22 | path('api/', include('base.urls')),
23 | ]
24 |
--------------------------------------------------------------------------------
/backend/backend/wsgi.py:
--------------------------------------------------------------------------------
1 | """
2 | WSGI config for backend project.
3 |
4 | It exposes the WSGI callable as a module-level variable named ``application``.
5 |
6 | For more information on this file, see
7 | https://docs.djangoproject.com/en/5.0/howto/deployment/wsgi/
8 | """
9 |
10 | import os
11 |
12 | from django.core.wsgi import get_wsgi_application
13 |
14 | os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'backend.settings')
15 |
16 | application = get_wsgi_application()
17 |
--------------------------------------------------------------------------------
/backend/base/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sgmselli/Django-React-Authentication/df3706e8b5ff236b4c9405de57c96a9cc840b8b4/backend/base/.DS_Store
--------------------------------------------------------------------------------
/backend/base/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sgmselli/Django-React-Authentication/df3706e8b5ff236b4c9405de57c96a9cc840b8b4/backend/base/__init__.py
--------------------------------------------------------------------------------
/backend/base/__pycache__/__init__.cpython-312.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sgmselli/Django-React-Authentication/df3706e8b5ff236b4c9405de57c96a9cc840b8b4/backend/base/__pycache__/__init__.cpython-312.pyc
--------------------------------------------------------------------------------
/backend/base/__pycache__/admin.cpython-312.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sgmselli/Django-React-Authentication/df3706e8b5ff236b4c9405de57c96a9cc840b8b4/backend/base/__pycache__/admin.cpython-312.pyc
--------------------------------------------------------------------------------
/backend/base/__pycache__/apps.cpython-312.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sgmselli/Django-React-Authentication/df3706e8b5ff236b4c9405de57c96a9cc840b8b4/backend/base/__pycache__/apps.cpython-312.pyc
--------------------------------------------------------------------------------
/backend/base/__pycache__/authentication.cpython-312.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sgmselli/Django-React-Authentication/df3706e8b5ff236b4c9405de57c96a9cc840b8b4/backend/base/__pycache__/authentication.cpython-312.pyc
--------------------------------------------------------------------------------
/backend/base/__pycache__/models.cpython-312.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sgmselli/Django-React-Authentication/df3706e8b5ff236b4c9405de57c96a9cc840b8b4/backend/base/__pycache__/models.cpython-312.pyc
--------------------------------------------------------------------------------
/backend/base/__pycache__/serializers.cpython-312.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sgmselli/Django-React-Authentication/df3706e8b5ff236b4c9405de57c96a9cc840b8b4/backend/base/__pycache__/serializers.cpython-312.pyc
--------------------------------------------------------------------------------
/backend/base/__pycache__/urls.cpython-312.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sgmselli/Django-React-Authentication/df3706e8b5ff236b4c9405de57c96a9cc840b8b4/backend/base/__pycache__/urls.cpython-312.pyc
--------------------------------------------------------------------------------
/backend/base/__pycache__/views.cpython-312.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sgmselli/Django-React-Authentication/df3706e8b5ff236b4c9405de57c96a9cc840b8b4/backend/base/__pycache__/views.cpython-312.pyc
--------------------------------------------------------------------------------
/backend/base/admin.py:
--------------------------------------------------------------------------------
1 | from django.contrib import admin
2 | from .models import Todo
3 |
4 | # Register your models here.
5 | admin.site.register(Todo)
--------------------------------------------------------------------------------
/backend/base/apps.py:
--------------------------------------------------------------------------------
1 | from django.apps import AppConfig
2 |
3 |
4 | class BaseConfig(AppConfig):
5 | default_auto_field = 'django.db.models.BigAutoField'
6 | name = 'base'
7 |
--------------------------------------------------------------------------------
/backend/base/authentication.py:
--------------------------------------------------------------------------------
1 | from rest_framework_simplejwt.authentication import JWTAuthentication
2 | from rest_framework.exceptions import AuthenticationFailed
3 |
4 | class CookiesJWTAuthentication(JWTAuthentication):
5 | def authenticate(self, request):
6 | access_token = request.COOKIES.get('access_token')
7 |
8 | if not access_token:
9 | return None
10 |
11 | validated_token = self.get_validated_token(access_token)
12 |
13 | try:
14 | user = self.get_user(validated_token)
15 | except AuthenticationFailed:
16 | return None
17 |
18 | return (user, validated_token)
--------------------------------------------------------------------------------
/backend/base/migrations/0001_initial.py:
--------------------------------------------------------------------------------
1 | # Generated by Django 5.1.1 on 2024-09-27 15:06
2 |
3 | import django.db.models.deletion
4 | from django.conf import settings
5 | from django.db import migrations, models
6 |
7 |
8 | class Migration(migrations.Migration):
9 |
10 | initial = True
11 |
12 | dependencies = [
13 | migrations.swappable_dependency(settings.AUTH_USER_MODEL),
14 | ]
15 |
16 | operations = [
17 | migrations.CreateModel(
18 | name='Todo',
19 | fields=[
20 | ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
21 | ('name', models.CharField(max_length=200)),
22 | ('completed', models.BooleanField(default=False)),
23 | ('owner', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='todo', to=settings.AUTH_USER_MODEL)),
24 | ],
25 | ),
26 | ]
27 |
--------------------------------------------------------------------------------
/backend/base/migrations/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sgmselli/Django-React-Authentication/df3706e8b5ff236b4c9405de57c96a9cc840b8b4/backend/base/migrations/__init__.py
--------------------------------------------------------------------------------
/backend/base/migrations/__pycache__/0001_initial.cpython-312.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sgmselli/Django-React-Authentication/df3706e8b5ff236b4c9405de57c96a9cc840b8b4/backend/base/migrations/__pycache__/0001_initial.cpython-312.pyc
--------------------------------------------------------------------------------
/backend/base/migrations/__pycache__/__init__.cpython-312.pyc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sgmselli/Django-React-Authentication/df3706e8b5ff236b4c9405de57c96a9cc840b8b4/backend/base/migrations/__pycache__/__init__.cpython-312.pyc
--------------------------------------------------------------------------------
/backend/base/models.py:
--------------------------------------------------------------------------------
1 | from django.db import models
2 | from django.contrib.auth.models import User
3 |
4 | class Todo(models.Model):
5 | name = models.CharField(max_length=200)
6 | completed = models.BooleanField(default=False)
7 | owner = models.ForeignKey(User, on_delete=models.CASCADE, related_name='todo')
8 |
9 |
--------------------------------------------------------------------------------
/backend/base/serializers.py:
--------------------------------------------------------------------------------
1 | from rest_framework import serializers
2 | from django.contrib.auth.models import User
3 | from rest_framework_simplejwt.tokens import RefreshToken
4 |
5 | from .models import Todo
6 |
7 |
8 | class UserRegisterSerializer(serializers.ModelSerializer):
9 | password = serializers.CharField(write_only=True)
10 |
11 | class Meta:
12 | model = User
13 | fields = ['username', 'email', 'password']
14 |
15 | def create(self, validated_data):
16 | user = User(
17 | username=validated_data['username'],
18 | email=validated_data['email']
19 | )
20 | user.set_password(validated_data['password'])
21 | user.save()
22 | return user
23 |
24 | class UserSerializer(serializers.ModelSerializer):
25 | class Meta:
26 | model = User
27 | fields = ['username']
28 |
29 | class TodoSerializer(serializers.ModelSerializer):
30 | class Meta:
31 | model = Todo
32 | fields = ['id', 'name', 'completed']
--------------------------------------------------------------------------------
/backend/base/tests.py:
--------------------------------------------------------------------------------
1 | from django.test import TestCase
2 |
3 | # Create your tests here.
4 |
--------------------------------------------------------------------------------
/backend/base/urls.py:
--------------------------------------------------------------------------------
1 | from django.urls import path
2 | from .views import get_todos, CustomTokenObtainPairView, CustomTokenRefreshView, logout, register, is_logged_in
3 |
4 | urlpatterns = [
5 | path('login/', CustomTokenObtainPairView.as_view(), name='token_obtain_pair'),
6 | path('logout/', logout),
7 | path('token/refresh/', CustomTokenRefreshView.as_view(), name='token_refresh'),
8 | path('todos/', get_todos),
9 | path('register/', register),
10 | path('authenticated/', is_logged_in),
11 | ]
--------------------------------------------------------------------------------
/backend/base/views.py:
--------------------------------------------------------------------------------
1 | from django.contrib.auth.models import User
2 | from rest_framework.response import Response
3 | from rest_framework.decorators import api_view, permission_classes
4 | from rest_framework.permissions import IsAuthenticated, AllowAny
5 |
6 | from rest_framework_simplejwt.views import TokenObtainPairView, TokenRefreshView
7 | from rest_framework_simplejwt.token_blacklist.models import BlacklistedToken, OutstandingToken
8 |
9 | from .models import Todo
10 | from .serializers import TodoSerializer, UserRegisterSerializer, UserSerializer
11 |
12 | from datetime import datetime, timedelta
13 |
14 |
15 | @api_view(['POST'])
16 | @permission_classes([AllowAny])
17 | def register(request):
18 | serializer = UserRegisterSerializer(data=request.data)
19 | if serializer.is_valid():
20 | serializer.save()
21 | return Response(serializer.data)
22 | return Response(serializer.error)
23 |
24 | class CustomTokenObtainPairView(TokenObtainPairView):
25 | def post(self, request, *args, **kwargs):
26 | try:
27 | response = super().post(request, *args, **kwargs)
28 | tokens = response.data
29 |
30 | access_token = tokens['access']
31 | refresh_token = tokens['refresh']
32 |
33 | seriliazer = UserSerializer(request.user, many=False)
34 |
35 | res = Response()
36 |
37 | res.data = {'success':True}
38 |
39 | res.set_cookie(
40 | key='access_token',
41 | value=str(access_token),
42 | httponly=True,
43 | secure=True,
44 | samesite='None',
45 | path='/'
46 | )
47 |
48 | res.set_cookie(
49 | key='refresh_token',
50 | value=str(refresh_token),
51 | httponly=True,
52 | secure=True,
53 | samesite='None',
54 | path='/'
55 | )
56 | res.data.update(tokens)
57 | return res
58 |
59 | except Exception as e:
60 | print(e)
61 | return Response({'success':False})
62 |
63 | class CustomTokenRefreshView(TokenRefreshView):
64 | def post(self, request, *args, **kwargs):
65 | try:
66 | refresh_token = request.COOKIES.get('refresh_token')
67 |
68 | request.data['refresh'] = refresh_token
69 |
70 | response = super().post(request, *args, **kwargs)
71 |
72 | tokens = response.data
73 | access_token = tokens['access']
74 |
75 | res = Response()
76 |
77 | res.data = {'refreshed': True}
78 |
79 | res.set_cookie(
80 | key='access_token',
81 | value=access_token,
82 | httponly=True,
83 | secure=False,
84 | samesite='None',
85 | path='/'
86 | )
87 | return res
88 |
89 | except Exception as e:
90 | print(e)
91 | return Response({'refreshed': False})
92 |
93 |
94 | @api_view(['POST'])
95 | @permission_classes([IsAuthenticated])
96 | def logout(request):
97 |
98 | try:
99 |
100 | res = Response()
101 | res.data = {'success':True}
102 | res.delete_cookie('access_token', path='/', samesite='None')
103 | res.delete_cookie('response_token', path='/', samesite='None')
104 |
105 | return res
106 |
107 | except Exception as e:
108 | print(e)
109 | return Response({'success':False})
110 |
111 | @api_view(['GET'])
112 | @permission_classes([IsAuthenticated])
113 | def get_todos(request):
114 | user = request.user
115 | todos = Todo.objects.filter(owner=user)
116 | serializer = TodoSerializer(todos, many=True)
117 | return Response(serializer.data)
118 |
119 | @api_view(['GET'])
120 | @permission_classes([IsAuthenticated])
121 | def is_logged_in(request):
122 | serializer = UserSerializer(request.user, many=False)
123 | return Response(serializer.data)
124 |
125 |
--------------------------------------------------------------------------------
/backend/db.sqlite3:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sgmselli/Django-React-Authentication/df3706e8b5ff236b4c9405de57c96a9cc840b8b4/backend/db.sqlite3
--------------------------------------------------------------------------------
/backend/manage.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 | """Django's command-line utility for administrative tasks."""
3 | import os
4 | import sys
5 |
6 |
7 | def main():
8 | """Run administrative tasks."""
9 | os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'backend.settings')
10 | try:
11 | from django.core.management import execute_from_command_line
12 | except ImportError as exc:
13 | raise ImportError(
14 | "Couldn't import Django. Are you sure it's installed and "
15 | "available on your PYTHONPATH environment variable? Did you "
16 | "forget to activate a virtual environment?"
17 | ) from exc
18 | execute_from_command_line(sys.argv)
19 |
20 |
21 | if __name__ == '__main__':
22 | main()
23 |
--------------------------------------------------------------------------------
/frontend/.gitignore:
--------------------------------------------------------------------------------
1 | # See https://help.github.com/articles/ignoring-files/ for more about ignoring files.
2 |
3 | # dependencies
4 | /node_modules
5 | /.pnp
6 | .pnp.js
7 |
8 | # testing
9 | /coverage
10 |
11 | # production
12 | /build
13 |
14 | # misc
15 | .env
16 | .DS_Store
17 | .env.local
18 | .env.development.local
19 | .env.test.local
20 | .env.production.local
21 |
22 | npm-debug.log*
23 | yarn-debug.log*
24 | yarn-error.log*
25 |
--------------------------------------------------------------------------------
/frontend/README.md:
--------------------------------------------------------------------------------
1 | # Getting Started with Create React App
2 |
3 | This project was bootstrapped with [Create React App](https://github.com/facebook/create-react-app).
4 |
5 | ## Available Scripts
6 |
7 | In the project directory, you can run:
8 |
9 | ### `npm start`
10 |
11 | Runs the app in the development mode.\
12 | Open [http://localhost:3000](http://localhost:3000) to view it in your browser.
13 |
14 | The page will reload when you make changes.\
15 | You may also see any lint errors in the console.
16 |
17 | ### `npm test`
18 |
19 | Launches the test runner in the interactive watch mode.\
20 | See the section about [running tests](https://facebook.github.io/create-react-app/docs/running-tests) for more information.
21 |
22 | ### `npm run build`
23 |
24 | Builds the app for production to the `build` folder.\
25 | It correctly bundles React in production mode and optimizes the build for the best performance.
26 |
27 | The build is minified and the filenames include the hashes.\
28 | Your app is ready to be deployed!
29 |
30 | See the section about [deployment](https://facebook.github.io/create-react-app/docs/deployment) for more information.
31 |
32 | ### `npm run eject`
33 |
34 | **Note: this is a one-way operation. Once you `eject`, you can't go back!**
35 |
36 | If you aren't satisfied with the build tool and configuration choices, you can `eject` at any time. This command will remove the single build dependency from your project.
37 |
38 | Instead, it will copy all the configuration files and the transitive dependencies (webpack, Babel, ESLint, etc) right into your project so you have full control over them. All of the commands except `eject` will still work, but they will point to the copied scripts so you can tweak them. At this point you're on your own.
39 |
40 | You don't have to ever use `eject`. The curated feature set is suitable for small and middle deployments, and you shouldn't feel obligated to use this feature. However we understand that this tool wouldn't be useful if you couldn't customize it when you are ready for it.
41 |
42 | ## Learn More
43 |
44 | You can learn more in the [Create React App documentation](https://facebook.github.io/create-react-app/docs/getting-started).
45 |
46 | To learn React, check out the [React documentation](https://reactjs.org/).
47 |
48 | ### Code Splitting
49 |
50 | This section has moved here: [https://facebook.github.io/create-react-app/docs/code-splitting](https://facebook.github.io/create-react-app/docs/code-splitting)
51 |
52 | ### Analyzing the Bundle Size
53 |
54 | This section has moved here: [https://facebook.github.io/create-react-app/docs/analyzing-the-bundle-size](https://facebook.github.io/create-react-app/docs/analyzing-the-bundle-size)
55 |
56 | ### Making a Progressive Web App
57 |
58 | This section has moved here: [https://facebook.github.io/create-react-app/docs/making-a-progressive-web-app](https://facebook.github.io/create-react-app/docs/making-a-progressive-web-app)
59 |
60 | ### Advanced Configuration
61 |
62 | This section has moved here: [https://facebook.github.io/create-react-app/docs/advanced-configuration](https://facebook.github.io/create-react-app/docs/advanced-configuration)
63 |
64 | ### Deployment
65 |
66 | This section has moved here: [https://facebook.github.io/create-react-app/docs/deployment](https://facebook.github.io/create-react-app/docs/deployment)
67 |
68 | ### `npm run build` fails to minify
69 |
70 | This section has moved here: [https://facebook.github.io/create-react-app/docs/troubleshooting#npm-run-build-fails-to-minify](https://facebook.github.io/create-react-app/docs/troubleshooting#npm-run-build-fails-to-minify)
71 |
--------------------------------------------------------------------------------
/frontend/package.json:
--------------------------------------------------------------------------------
1 | {
2 | "name": "frontend",
3 | "version": "0.1.0",
4 | "private": true,
5 | "dependencies": {
6 | "@chakra-ui/react": "^2.8.2",
7 | "@emotion/react": "^11.13.3",
8 | "@emotion/styled": "^11.13.0",
9 | "@testing-library/jest-dom": "^5.17.0",
10 | "@testing-library/react": "^13.4.0",
11 | "@testing-library/user-event": "^13.5.0",
12 | "axios": "^1.7.7",
13 | "framer-motion": "^11.9.0",
14 | "js-cookie": "^3.0.5",
15 | "react": "^18.3.1",
16 | "react-dom": "^18.3.1",
17 | "react-icons": "^5.3.0",
18 | "react-router-dom": "^6.26.2",
19 | "react-scripts": "5.0.1",
20 | "web-vitals": "^2.1.4"
21 | },
22 | "scripts": {
23 | "start": "react-scripts start",
24 | "build": "react-scripts build",
25 | "test": "react-scripts test",
26 | "eject": "react-scripts eject"
27 | },
28 | "eslintConfig": {
29 | "extends": [
30 | "react-app",
31 | "react-app/jest"
32 | ]
33 | },
34 | "browserslist": {
35 | "production": [
36 | ">0.2%",
37 | "not dead",
38 | "not op_mini all"
39 | ],
40 | "development": [
41 | "last 1 chrome version",
42 | "last 1 firefox version",
43 | "last 1 safari version"
44 | ]
45 | }
46 | }
47 |
--------------------------------------------------------------------------------
/frontend/public/favicon.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sgmselli/Django-React-Authentication/df3706e8b5ff236b4c9405de57c96a9cc840b8b4/frontend/public/favicon.ico
--------------------------------------------------------------------------------
/frontend/public/index.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
12 |
13 |
17 |
18 |
27 | React App
28 |
29 |
30 |
31 |
32 |
42 |
43 |
44 |
--------------------------------------------------------------------------------
/frontend/public/logo192.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sgmselli/Django-React-Authentication/df3706e8b5ff236b4c9405de57c96a9cc840b8b4/frontend/public/logo192.png
--------------------------------------------------------------------------------
/frontend/public/logo512.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sgmselli/Django-React-Authentication/df3706e8b5ff236b4c9405de57c96a9cc840b8b4/frontend/public/logo512.png
--------------------------------------------------------------------------------
/frontend/public/manifest.json:
--------------------------------------------------------------------------------
1 | {
2 | "short_name": "React App",
3 | "name": "Create React App Sample",
4 | "icons": [
5 | {
6 | "src": "favicon.ico",
7 | "sizes": "64x64 32x32 24x24 16x16",
8 | "type": "image/x-icon"
9 | },
10 | {
11 | "src": "logo192.png",
12 | "type": "image/png",
13 | "sizes": "192x192"
14 | },
15 | {
16 | "src": "logo512.png",
17 | "type": "image/png",
18 | "sizes": "512x512"
19 | }
20 | ],
21 | "start_url": ".",
22 | "display": "standalone",
23 | "theme_color": "#000000",
24 | "background_color": "#ffffff"
25 | }
26 |
--------------------------------------------------------------------------------
/frontend/public/robots.txt:
--------------------------------------------------------------------------------
1 | # https://www.robotstxt.org/robotstxt.html
2 | User-agent: *
3 | Disallow:
4 |
--------------------------------------------------------------------------------
/frontend/src/App.css:
--------------------------------------------------------------------------------
1 | .App {
2 | text-align: center;
3 | }
4 |
5 | .App-logo {
6 | height: 40vmin;
7 | pointer-events: none;
8 | }
9 |
10 | @media (prefers-reduced-motion: no-preference) {
11 | .App-logo {
12 | animation: App-logo-spin infinite 20s linear;
13 | }
14 | }
15 |
16 | .App-header {
17 | background-color: #282c34;
18 | min-height: 100vh;
19 | display: flex;
20 | flex-direction: column;
21 | align-items: center;
22 | justify-content: center;
23 | font-size: calc(10px + 2vmin);
24 | color: white;
25 | }
26 |
27 | .App-link {
28 | color: #61dafb;
29 | }
30 |
31 | @keyframes App-logo-spin {
32 | from {
33 | transform: rotate(0deg);
34 | }
35 | to {
36 | transform: rotate(360deg);
37 | }
38 | }
39 |
--------------------------------------------------------------------------------
/frontend/src/App.js:
--------------------------------------------------------------------------------
1 | import logo from './logo.svg';
2 | import './App.css';
3 | import {BrowserRouter as Router, Routes, Route} from 'react-router-dom'
4 | import { ChakraProvider } from '@chakra-ui/react'
5 |
6 | import { AuthProvider } from './context/useAuth';
7 |
8 | import Login from './routes/login';
9 | import Menu from './routes/menu';
10 | import Register from './routes/register';
11 |
12 | import Layout from './components/layout';
13 | import PrivateRoute from './components/private_route';
14 |
15 | function App() {
16 | return (
17 |
18 |
19 |
20 |
21 | } path='/' />
22 | } path='/login' />
23 | } path='/register' />
24 |
25 |
26 |
27 |
28 | );
29 | }
30 |
31 | export default App;
32 |
--------------------------------------------------------------------------------
/frontend/src/App.test.js:
--------------------------------------------------------------------------------
1 | import { render, screen } from '@testing-library/react';
2 | import App from './App';
3 |
4 | test('renders learn react link', () => {
5 | render();
6 | const linkElement = screen.getByText(/learn react/i);
7 | expect(linkElement).toBeInTheDocument();
8 | });
9 |
--------------------------------------------------------------------------------
/frontend/src/api/endpoints.js:
--------------------------------------------------------------------------------
1 | import axios from 'axios';
2 |
3 | const BASE_URL = 'http://127.0.0.1:8000/api/'
4 |
5 | const LOGIN_URL = `${BASE_URL}login/`
6 | const REGISTER_URL = `${BASE_URL}register/`
7 | const LOGOUT_URL = `${BASE_URL}logout/`
8 | const NOTES_URL = `${BASE_URL}todos/`
9 | const AUTHENTICATED_URL = `${BASE_URL}authenticated/`
10 |
11 | axios.defaults.withCredentials = true;
12 |
13 | export const login = async (username, password) => {
14 | try {
15 | const response = await axios.post(
16 | LOGIN_URL,
17 | { username, password }, // Object shorthand for cleaner syntax
18 | { withCredentials: true } // Ensures cookies are included
19 | );
20 |
21 | // Check if the response contains a success attribute (depends on backend response structure)
22 | return response.data
23 | } catch (error) {
24 | console.error("Login failed:", error);
25 | return false; // Return false or handle the error as needed
26 | }
27 | };
28 |
29 | export const get_notes = async () => {
30 | const response = await axios.get(NOTES_URL, { withCredentials: true });
31 | return response.data;
32 | };
33 |
34 | export const logout = async () => {
35 | const response = await axios.post(LOGOUT_URL, { withCredentials: true });
36 | return response.data;
37 | };
38 |
39 | export const register = async (username, email, password) => {
40 | const response = await axios.post(REGISTER_URL, {username, email, password}, { withCredentials: true });
41 | return response.data;
42 | };
43 |
44 | export const authenticated_user = async () => {
45 | const response = await axios.get(AUTHENTICATED_URL, { withCredentials: true });
46 | return response.data
47 | }
--------------------------------------------------------------------------------
/frontend/src/components/layout.js:
--------------------------------------------------------------------------------
1 | import { Flex } from "@chakra-ui/react"
2 |
3 | const Layout = ({children}) => {
4 | return (
5 |
6 | {children}
7 |
8 | )
9 | }
10 |
11 | export default Layout;
--------------------------------------------------------------------------------
/frontend/src/components/private_route.js:
--------------------------------------------------------------------------------
1 | import React from 'react';
2 | import { Navigate } from 'react-router-dom';
3 | import { useAuth } from '../context/useAuth';
4 | import Layout from './layout';
5 | import { Heading } from '@chakra-ui/react';
6 |
7 | import { useNavigate } from 'react-router-dom';
8 |
9 | const PrivateRoute = ({ children }) => {
10 | const { user, loading } = useAuth();
11 | const nav = useNavigate();
12 |
13 | if (loading) return Loading...;
14 |
15 | if (user) {
16 | return children
17 | }
18 | else {
19 | nav('/login')
20 | }
21 |
22 | };
23 |
24 | export default PrivateRoute;
25 |
--------------------------------------------------------------------------------
/frontend/src/context/useAuth.js:
--------------------------------------------------------------------------------
1 | import React, { createContext, useContext, useState, useEffect } from 'react'
2 | import { useNavigate } from 'react-router-dom';
3 |
4 | import { authenticated_user, login, logout, register } from '../api/endpoints';
5 |
6 | const AuthContext = createContext();
7 |
8 | export const AuthProvider = ({children}) => {
9 |
10 | const [user, setUser] = useState(null);
11 | const [loading, setLoading] = useState(true);
12 | const nav = useNavigate();
13 |
14 | const get_authenticated_user = async () => {
15 | try {
16 | const user = await authenticated_user();
17 | setUser(user);
18 | } catch (error) {
19 | setUser(null); // If the request fails, set the user to null
20 | } finally {
21 | setLoading(false); // Set loading to false after request completes
22 | }
23 | };
24 |
25 | const loginUser = async (username, password) => {
26 | const user = await login(username, password)
27 | if (user) {
28 | setUser(user)
29 | nav('/')
30 | } else {
31 | alert('Incorrect username or password')
32 | }
33 | }
34 |
35 | const logoutUser = async () => {
36 | await logout();
37 | nav('/login')
38 | }
39 |
40 | const registerUser = async (username, email, password, confirm_password) => {
41 | try {
42 | if (password === confirm_password) {
43 | await register(username, email, password)
44 | alert('User successfully registered')
45 | nav('/login')
46 | }
47 | } catch {
48 | alert('error registering user')
49 | }
50 | }
51 |
52 | useEffect(() => {
53 | get_authenticated_user();
54 | }, [window.location.pathname])
55 |
56 | return (
57 |
58 | {children}
59 |
60 | );
61 | }
62 |
63 | export const useAuth = () => useContext(AuthContext);
--------------------------------------------------------------------------------
/frontend/src/index.css:
--------------------------------------------------------------------------------
1 | body {
2 | margin: 0;
3 | font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', 'Roboto', 'Oxygen',
4 | 'Ubuntu', 'Cantarell', 'Fira Sans', 'Droid Sans', 'Helvetica Neue',
5 | sans-serif;
6 | -webkit-font-smoothing: antialiased;
7 | -moz-osx-font-smoothing: grayscale;
8 | }
9 |
10 | code {
11 | font-family: source-code-pro, Menlo, Monaco, Consolas, 'Courier New',
12 | monospace;
13 | }
14 |
--------------------------------------------------------------------------------
/frontend/src/index.js:
--------------------------------------------------------------------------------
1 | import React from 'react';
2 | import ReactDOM from 'react-dom/client';
3 | import './index.css';
4 | import App from './App';
5 | import reportWebVitals from './reportWebVitals';
6 |
7 | const root = ReactDOM.createRoot(document.getElementById('root'));
8 | root.render(
9 |
10 |
11 |
12 | );
13 |
14 | // If you want to start measuring performance in your app, pass a function
15 | // to log results (for example: reportWebVitals(console.log))
16 | // or send to an analytics endpoint. Learn more: https://bit.ly/CRA-vitals
17 | reportWebVitals();
18 |
--------------------------------------------------------------------------------
/frontend/src/logo.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/frontend/src/reportWebVitals.js:
--------------------------------------------------------------------------------
1 | const reportWebVitals = onPerfEntry => {
2 | if (onPerfEntry && onPerfEntry instanceof Function) {
3 | import('web-vitals').then(({ getCLS, getFID, getFCP, getLCP, getTTFB }) => {
4 | getCLS(onPerfEntry);
5 | getFID(onPerfEntry);
6 | getFCP(onPerfEntry);
7 | getLCP(onPerfEntry);
8 | getTTFB(onPerfEntry);
9 | });
10 | }
11 | };
12 |
13 | export default reportWebVitals;
14 |
--------------------------------------------------------------------------------
/frontend/src/routes/login.js:
--------------------------------------------------------------------------------
1 | import {
2 | FormControl,
3 | FormLabel,
4 | Button,
5 | VStack,
6 | Input,
7 | Text,
8 | } from '@chakra-ui/react'
9 |
10 | import { useState } from 'react';
11 | import { useAuth } from '../context/useAuth';
12 | import { useNavigate } from 'react-router-dom';
13 |
14 | const Login = () => {
15 |
16 | const [username, setUsername] = useState('')
17 | const [password, setPassword] = useState('')
18 |
19 | const { loginUser } = useAuth();
20 | const nav = useNavigate();
21 |
22 | const handleLogin = async () => {
23 | await loginUser(username, password)
24 | }
25 |
26 | const handleNavigate = () => {
27 | nav('/register')
28 | }
29 |
30 | return (
31 |
32 | Login
33 |
34 | Username
35 | setUsername(e.target.value)} value={username} type='email' placeholder='Your username here' />
36 |
37 |
38 | Password
39 | setPassword(e.target.value)} value={password} type='password' placeholder='Your password here' />
40 |
41 |
42 | Don't have an account? Sign up
43 |
44 | )
45 | }
46 |
47 | export default Login;
--------------------------------------------------------------------------------
/frontend/src/routes/menu.js:
--------------------------------------------------------------------------------
1 | import { VStack, Text, Button } from "@chakra-ui/react"
2 |
3 | import { useEffect, useState } from "react"
4 |
5 | import { get_notes } from "../api/endpoints"
6 |
7 | import { useAuth } from "../context/useAuth";
8 |
9 | const Menu = () => {
10 |
11 | const [notes, setNotes] = useState([])
12 | const { user, logoutUser } = useAuth();
13 |
14 | useEffect(() => {
15 | const fetchNotes = async () => {
16 | const notes = await get_notes();
17 | setNotes(notes)
18 | }
19 | fetchNotes();
20 | }, [])
21 |
22 | const handleLogout = async () => {
23 | await logoutUser()
24 | };
25 |
26 | return (
27 |
28 | Welcome {user ? user.username : 'Guest'} 👋
29 |
30 | {notes.map((note) => {
31 | return {note.name}
32 | })}
33 |
34 |
35 |
36 | )
37 | }
38 |
39 | export default Menu;
--------------------------------------------------------------------------------
/frontend/src/routes/register.js:
--------------------------------------------------------------------------------
1 | import {
2 | FormControl,
3 | FormLabel,
4 | Button,
5 | VStack,
6 | Input,
7 | Text,
8 | } from '@chakra-ui/react'
9 |
10 | import { useState } from 'react';
11 | import { useAuth } from '../context/useAuth';
12 | import { useNavigate } from 'react-router-dom';
13 |
14 | const Register = () => {
15 |
16 | const [username, setUsername] = useState('')
17 | const [email, setEmail] = useState('')
18 | const [password, setPassword] = useState('')
19 | const [passwordConfirm, setPasswordConfirm] = useState('')
20 |
21 | const { registerUser } = useAuth();
22 | const nav = useNavigate();
23 |
24 | const handleLogin = async () => {
25 | await registerUser(username, email, password, passwordConfirm)
26 | }
27 |
28 | const handleNavigate = () => {
29 | nav('/login')
30 | }
31 |
32 | return (
33 |
34 | Register
35 |
36 | Username
37 | setUsername(e.target.value)} value={username} type='text' placeholder='Your username here' />
38 |
39 |
40 | Email
41 | setEmail(e.target.value)} value={email} type='email' placeholder='Your email here' />
42 |
43 |
44 | Password
45 | setPassword(e.target.value)} value={password} type='password' placeholder='Your password here' />
46 |
47 |
48 | Confirm Password
49 | setPasswordConfirm(e.target.value)} value={passwordConfirm} type='password' placeholder='Confirm password here' />
50 |
51 |
52 | Have an account? Sign up
53 |
54 | )
55 | }
56 |
57 | export default Register;
--------------------------------------------------------------------------------
/frontend/src/setupTests.js:
--------------------------------------------------------------------------------
1 | // jest-dom adds custom jest matchers for asserting on DOM nodes.
2 | // allows you to do things like:
3 | // expect(element).toHaveTextContent(/react/i)
4 | // learn more: https://github.com/testing-library/jest-dom
5 | import '@testing-library/jest-dom';
6 |
--------------------------------------------------------------------------------