9 Sessions and Authentication

So far, we have used Django to develop dynamic applications that allow users to interact with application models, but we have not attempted to secure these applications from unwanted use. For example, our Bookr app allows unauthenticated users to add reviews and upload media. This is a critical security issue for any online web app as it leaves the site open to the posting of spam or other inappropriate material and the vandalism of existing content. We want the creation and modification of content to be strictly limited to authenticated users who have registered with the site.

The authentication app supplies Django with the models for representing users, groups, and permissions. It also provides middleware, utility ...

Get Web Development with Django - Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Web Development with Django - Second Edition by Ben Shaw, Saurabh Badhwar, Chris Guest, Bharath Chandra K S

9

Sessions and Authentication

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly