|
|
|
|
|
|
by Biganon
1055 days ago
|
|
|
The built-in auth system is one of the things I dislike the most about Django. It's 2023, people log in with e-mail addresses, and even if they log in with a username, make it case insensitive ffs The very first thing I have to do with each project is completely rebuild the user system, and if you wait until later then it's too late and it's way more difficult to do (according to the docs themselves) |
|
|
The moment you install Django, you have to add all the auth stuff to your todo list. If you're not a Django expert then its easily hours or days pointless work.
Pretty frustrating to instantly be given the large and for some people intimidating problem of implement signup/signin/forgot password/reset password and do it all properly, reliably and securely, even whilst Django smugly asserts that it's "batteries included".
You have to head off and find which auth plug in system to use, work out what is still maintained, which provides the features you need and then the task of integrating it with whatever front end you need to present to the user. All this you need to do if you are new to Django.
It's a huge gap in the Django offering, and makes Django look pretty out of date.
Django should come with a built in user flow that allows signup/signin/forgot password/reset password as well as related emails, and it should come with support for json web token and cookie session, plus example UI code for React, VueJS, plain HTML and maybe some of the other common JavaScript front ends too, as well as APIs for other front ends to use.
Why they don't provide this is hard to understand. It's just instant makework for developers.
Either this or drop the "batteries included" thing.