DEV Community

Purnima Chowrasia


#5 Django Journey: Learn DRF by building e-commerce APIs

Hey dev.to community!

Update: User authentication Part 2

In user authentication part 1, I mentioned starting with token-based authentication and securing the Product model. I have further extended this authentication feature with the following added functionality:

  1. Both Product and Category models are protected: Only authenticated users can make POST/PUT/DELETE requests. Anonymous users can only view products and categories; they cannot make any modifications.
  2. Built user profile: This route allows users to view their profile and update their profile details.
  3. Added change password functionality: A logged-in user can change their password, and on a successful password change their old token is deleted and a new token is generated.
  4. Added logout functionality: A logged-in user can now log out, which means their token is deleted, so the token they received on login is no longer valid.
  5. Testing: Tested that deleting or updating a product or category works only when logged in. Tested that an authenticated user can view their profile, change their password and log out.


See you all next time... bye 👋

Complete code available here.
