Django Login & Logout

Implementing user login and logout functionality

🔓 What is Login & Logout?

Login authenticates users and creates sessions, while logout ends sessions and clears authentication. Django provides built-in views and functions to handle these operations securely and efficiently.


# views.py - Basic login
from django.contrib.auth import authenticate, login

# authenticate() checks the credentials against the configured authentication
# backends and returns a user object on success or None on failure.
# The literal username/password are placeholders for illustration only; in a
# real view they come from the submitted form (see login_view on this page).
user = authenticate(username='john', password='pass123')
if user is not None:
    # login() attaches the user to the session so later requests are
    # authenticated. `request` is not defined in this fragment: it is the
    # HttpRequest the enclosing view receives.
    login(request, user)
                                    

Login & Logout Flow

1️⃣

User Submits

Enter credentials

Username Password
2️⃣

Authenticate

Verify credentials

Check database Validate
3️⃣

Create Session

Login user

Session ID Cookie
4️⃣

Redirect

Go to dashboard

Success page User area

🔹 Creating a Login View

Build a custom login view that authenticates users and creates sessions. Use Django's authenticate and login functions to handle the authentication process securely.

# views.py
from django.shortcuts import render, redirect
from django.contrib.auth import authenticate, login
from django.contrib import messages

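def login_view(request):
    """Authenticate a username/password POST and start a session.

    Any non-POST request just renders the login form. A failed POST
    re-renders the form with one generic error, so the response does not
    reveal whether the username or the password was wrong. After a
    successful login the user is sent to the ``next`` query parameter when
    it is a same-site URL, otherwise to the ``dashboard`` route.

    NOTE(review): nothing here limits repeated failed attempts; throttling
    or lockout has to be added elsewhere if it is required.
    """
    # Imported locally so the snippet stays self-contained.
    from django.utils.http import url_has_allowed_host_and_scheme

    if request.method == 'POST':
        username = request.POST.get('username')
        password = request.POST.get('password')

        # Returns a user object on success, None on bad credentials.
        user = authenticate(request, username=username, password=password)

        if user is not None:
            login(request, user)
            messages.success(request, f'Welcome back, {username}!')

            # `next` comes from the query string and is therefore
            # caller-controlled. Passing it straight to redirect() would
            # let a crafted login link bounce the user to another site
            # (open redirect), so only same-host targets are followed.
            next_url = request.GET.get('next', '')
            if not url_has_allowed_host_and_scheme(
                next_url,
                allowed_hosts={request.get_host()},
                require_https=request.is_secure(),
            ):
                next_url = 'dashboard'
            return redirect(next_url)
        else:
            # Same message for unknown user and wrong password.
            messages.error(request, 'Invalid username or password')

    return render(request, 'login.html')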

🔹 Login Form Template

Create a user-friendly login form with proper error handling and CSRF protection. Display validation messages and maintain user experience with helpful feedback.

<!-- login.html -->
<!DOCTYPE html>
<html>
<head>
    <title>Login</title>
    <style>
        .login-container {
            max-width: 400px;
            margin: 50px auto;
            padding: 20px;
            border: 1px solid #ddd;
            border-radius: 8px;
        }
        .form-group {
            margin-bottom: 15px;
        }
        label {
            display: block;
            margin-bottom: 5px;
            font-weight: bold;
        }
        input[type="text"], input[type="password"] {
            width: 100%;
            padding: 8px;
            border: 1px solid #ccc;
            border-radius: 4px;
        }
        button {
            width: 100%;
            padding: 10px;
            background: #007cba;
            color: white;
            border: none;
            border-radius: 4px;
            cursor: pointer;
        }
        .error {
            color: red;
            margin-bottom: 10px;
        }
    </style>
</head>
<body>
    <div class="login-container">
        <h2>Login</h2>
        
        <!-- Message text is HTML-escaped as long as template auto-escaping is left at its default.
             Every message is given the "error" class here, whatever its level. -->
        {% if messages %}
            {% for message in messages %}
                <div class="error">{{ message }}</div>
            {% endfor %}
        {% endif %}
        
        <!-- No action attribute: the form posts back to the current URL, so a "next" query
             string present on the login URL is sent along with the POST. -->
        <form method="post">
            <!-- Emits the hidden CSRF token field; without it Django's CSRF protection rejects the POST. -->
            {% csrf_token %}
            
            <div class="form-group">
                <label for="username">Username:</label>
                <input type="text" id="username" name="username" required>
            </div>
            
            <div class="form-group">
                <label for="password">Password:</label>
                <input type="password" id="password" name="password" required>
            </div>
            
            <button type="submit">Login</button>
        </form>
        
        <p>Don't have an account? <a href="{% url 'register' %}">Register</a></p>
    </div>
</body>
</html>

Output:

Login

Don't have an account? Register

🔹 Creating a Logout View

Implement logout functionality to end user sessions and clear authentication. Django's logout function handles session cleanup and security automatically.

# views.py
from django.contrib import messages
from django.contrib.auth import logout
from django.shortcuts import redirect, render

def logout_view(request):
    """Log the current user out, queue a confirmation message, redirect to 'home'.

    No HTTP method check is made, so a plain GET ends the session. That
    makes logout triggerable by a cross-site request the user never
    intended (logout CSRF). logout_confirm_view below only logs out on
    POST and is the safer pattern.
    """
    # logout() clears the session data for this request.
    logout(request)
    # Queued after logout(); presumably so the message is not discarded
    # together with the old session data - confirm for your message storage.
    messages.success(request, 'You have been logged out successfully')
    return redirect('home')

# Alternative: Logout with confirmation
def logout_confirm_view(request):
    """Show a confirmation page and log out only when it is POSTed back.

    Any non-POST request renders ``logout_confirm.html`` and leaves the
    session alone; a POST ends the session and redirects to 'home'.
    Restricting the state change to POST keeps logout behind Django's
    CSRF check.

    NOTE(review): the confirmation template is not shown on this page; it
    needs a ``method="post"`` form that includes the CSRF token tag.
    """
    if request.method != 'POST':
        return render(request, 'logout_confirm.html')

    logout(request)
    return redirect('home')

🔹 URL Configuration

Configure URL patterns to connect login and logout views. Set up proper routing for authentication pages and redirects.

# urls.py
from django.urls import path
from . import views

# Routes for the hand-written views shown earlier on this page.
urlpatterns = [
    path('login/', views.login_view, name='login'),
    # logout_view performs the logout on any HTTP method, GET included.
    path('logout/', views.logout_view, name='logout'),
    # views.dashboard is not defined on this page.
    # NOTE(review): if it is meant for signed-in users only, it needs its own
    # access check (e.g. @login_required); routing alone does not add one.
    path('dashboard/', views.dashboard, name='dashboard'),
]

# OR use Django's built-in views
from django.contrib.auth import views as auth_views

# Same routes served by Django's class-based auth views instead of custom code.
urlpatterns = [
    # LoginView only follows a "next" redirect target that it considers safe
    # for the current host. It reports failed logins through the `form`
    # context variable, not the messages framework.
    # NOTE(review): the login.html shown on this page renders only messages,
    # so it would need to display form errors to work with this view.
    path('login/', auth_views.LoginView.as_view(
        template_name='login.html'
    ), name='login'),
    
    # Logging out via GET was deprecated in Django 4.1 and removed in 5.0:
    # on current versions LogoutView must be reached with a POST (a small
    # form carrying the CSRF token), not a plain link.
    path('logout/', auth_views.LogoutView.as_view(
        next_page='home'
    ), name='logout'),
]

🔹 Using Django's Built-in Views

Django provides ready-to-use authentication views that handle common scenarios. These views save development time and follow security best practices automatically.

# urls.py - Using built-in authentication views
from django.contrib.auth import views as auth_views
from django.urls import path

urlpatterns = [
    # Login view
    # redirect_authenticated_user=True sends already signed-in visitors
    # straight to the post-login URL. Django's documentation warns that this
    # lets other sites probe whether a visitor is logged in here by requesting
    # redirect URLs to images on this site, and advises hosting images and the
    # favicon on a separate domain if the option is enabled.
    path('accounts/login/', 
         auth_views.LoginView.as_view(
             template_name='registration/login.html',
             redirect_authenticated_user=True
         ), 
         name='login'),
    
    # Logout view
    # From Django 5.0, LogoutView accepts POST only (GET logout was
    # deprecated in 4.1), so link to it with a form rather than an <a> tag.
    path('accounts/logout/', 
         auth_views.LogoutView.as_view(
             next_page='home'
         ), 
         name='logout'),
    
    # Password reset views
    # Only the first step of the reset flow is routed here. By default the
    # view redirects to the 'password_reset_done' URL name, and the e-mailed
    # link needs 'password_reset_confirm' (then 'password_reset_complete'),
    # so those routes must also exist for the flow to work.
    path('password-reset/', 
         auth_views.PasswordResetView.as_view(), 
         name='password_reset'),
]

🔹 Remember Me Functionality

Add a "Remember Me" checkbox to extend the session duration. This lets you control how long users stay logged in based on their preference.

# views.py
def login_view(request):
    """Log a user in and set the session lifetime from a "Remember Me" box.

    Non-POST requests, and POSTs with credentials that do not authenticate,
    render ``login.html``; a failed login is re-rendered without any error
    message. On success the session expires when the browser closes unless
    ``remember_me`` was submitted, in which case it lasts 1209600 seconds
    (two weeks), and the user is redirected to 'dashboard'.

    NOTE(review): a two-week session widens the window in which a stolen
    session cookie stays usable; check the SESSION_COOKIE_SECURE and
    SESSION_COOKIE_HTTPONLY settings when offering it.
    """
    if request.method != 'POST':
        return render(request, 'login.html')

    form_data = request.POST
    user = authenticate(
        request,
        username=form_data.get('username'),
        password=form_data.get('password'),
    )
    if user is None:
        return render(request, 'login.html')

    login(request, user)

    # The expiry is applied after login() so that it lands on the session
    # the user ends up with. 0 means "expire when the browser closes".
    lifetime_seconds = 1209600 if form_data.get('remember_me') else 0
    request.session.set_expiry(lifetime_seconds)

    return redirect('dashboard')

# In template, add checkbox:
# <input type="checkbox" name="remember_me"> Remember Me

🧠 Test Your Knowledge

Which function creates a user session in Django?