/django-react-auth

A simple user authentication system implemented using Django and React. It includes features like user registration, login, data fetching, and demonstrates secure session handling using JWT and HTTP-Only Cookies.

Primary LanguagePython

Django and React Authentication with JWT and HTTP-Only Cookies

This project implements a user authentication system using Django and React. It includes user registration, login, logout, and fetching user data. Authentication is handled using JWT (JSON Web Tokens) and HTTP-only cookies for improved security. The application's frontend is styled using Bootstrap.

The project consists of two directories:

  • client: Contains the React application
  • server: Contains the Django backend

Installation

To run this project on your local machine, follow the steps below:

Prerequisites

Ensure you have the following installed on your local machine:

  • Python 3.8 or higher
  • Node.js v14.15.0 or higher
  • npm 6.14.9 or higher

Setup

  1. Clone the repository:
    git clone https://github.com/<yourusername>/<yourrepository>.git
    
  2. Change into the directory:
    cd <yourrepository>
    

Server

  1. Navigate to the server directory:
    cd server
    
  2. Install Django and other dependencies:
    pip install -r requirements.txt
    
  3. Create a virtual environment (Optional but recommended):
    python -m venv env
    
  4. Activate the virtual environment: On Windows:
    .\env\Scripts\activate
    
    On MacOS/Linux:
    source env/bin/activate
    
  5. Create a .env file in the server directory and add your secret key like this:
    SECRET_KEY=<your-secret-key>
    

Client

  1. Navigate to the client directory:
    cd ../client
    
  2. Install all the dependencies:
    npm install
    
  3. Run the client:
    npm start
    

Now, your application should be running at localhost:3000.

Note:

  • The Django server should be running at the same time as the React application for the system to function properly.
  • The application uses the email field instead of the username field for user identification.