great video. love that you explain why you're doing something too instead of just copy pasting stuff. a note on omitting the password field in the response: this can actually be done with extra_kwargs in the class Meta. you don't have to create a separate serializer just for that. for example
    class Meta:
        model = UserAccount
        fields = ("id", "username", "password")
        extra_kwargs = {"password": {"write_only": True}}
also in case someone wants a simpler way of adding validation it can be done at the model level by first importing the validator:
from django.contrib.auth.password_validation import validate_password
and then assigning it in the password field inside the custom user model:
password = models.CharField(max_length=50, validators=[validate_password])
Using documentation while coding helps us understand and learn how to search for information. Thank you for this great video.
Your way of explanation on the documentation is great for me as a beginner. Thank you for your tutorials.
Excellent work Bryan. I thought I knew enough Django before I started watching your videos. as a self-taught programmer this is a treat for me. subscribed!
God, The amount of knowledge I absorb.
That's awesome. Tutorial Idea: Develop a blog using Next Js and Django Rest Framework with...
1. Authentication and Authorization
2. Commenting Feature
3. Like/Reaction
Great work man just going through a project and find yours...its just perfect. Appreciate it
After a very long time. Awesome sir, thanks for coming back, pls upload next part
After a long time. With Camera. Love it, can't wait for next part
Thanks for the great video, I think you replaced Djoser with some views and serializers, in this backend. great job.
Ooo this one might work better for me. I had to stop on the other tutorial because my errors just kept getting worse and worse and worse and I didn't know how to fix anything and I was just getting frustrated lol. Wish me luck on this round.
Great teacher, explains with details, use documentations. Thanks Bryan!
Yeah I am liking the documentation references after redoing this tutorial a second time. Gives me a secondary reference point to look at.
One suggestion, at the end of this series, convert it to Next.js too.
;u; Second time going through this. By golly I'm going to finish this client website. User auth is the hardest part. Thanks for all your help. Video tutorials are great, so thanks for making a good one.
Awesome and recommend you sir to use something called RTK interceptor also to get new access token when access token expired.
This is a fantastic suggestion, in this project I'll keep it more simple but might put together a project around RTK Query where I show some of these more advanced things
is there a way to use Django only for cookies without express server?
thank you so much for this very useful and awesome content !!!
What is the alternative way of express to perform this operation? Because I don't want to use express in my project?
Can you make one with session Authentication, Django, React, Redux Toolkit. I know you have one similar but it uses vanilla Redux
I was thinking of doing something like that so definitely going to put that together
@bryanbrkic I'm glad and it would be nice to see it coming
Awesome video.
Welcome back 🤝
thank you!
sir email already exist error not show. when uppercase.
Hey, how can i do this but by using Context API instead of Redux? Thanks!
Hello Bryan, I have a problem. When retrieving the user information via /api/users/me with the Bearer Auth token, the request gives me: 403 Forbidden "detail": "Authentication credentials were not provided." even if the email and password are correctly typed. Found no information on the internet that could help me. Do you have an idea of why it might not work?
Probably an expired token, you can hit the login endpoint to retrieve a new access token and use that in the /api/users/me endpoint to retrieve the user
i search how to create a logout view with jwt ??
i try blacklist but not work, refresh token still valid until automatic expire
With jwt authentication, typically the logging out happens on the front-end by just removing the credentials since there's no logging out necessarily on the backend other than blacklisting a token. If you rotate refresh tokens, then you will get a new refresh token when you hit the "refresh" endpoint, and if you have blacklisting, then the old refresh token will be on the blacklist.
Blacklisting tokens works, but personally I wouldn't go that route and instead would just have shorter lifetimes on access and refresh tokens. A big benefit of jwt authentication is that you don't need to hit the database to make authorized requests, so blacklisting takes away the main benefit and becomes expensive as the blacklist grows.
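The trade-off in the reply above, as an added example that is not from the video, the repo, or any commenter: a standard-library HS256 token flow where access tokens are checked statelessly and only the refresh path consults a blacklist. The key, lifetimes, and function names are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, uuid

SECRET = b"constructed-demo-key"        # constructed key, for this example only
ACCESS_TTL, REFRESH_TTL = 300, 86400    # assumed lifetimes, in seconds
blacklist = set()                       # stands in for a server-side blacklist table

def b64e(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue(sub, kind, ttl, now):
    header = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = {"sub": sub, "type": kind, "exp": now + ttl, "jti": uuid.uuid4().hex}
    body = b64e(json.dumps(claims).encode())
    sig = hmac.new(SECRET, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{b64e(sig)}"

def verify(token, kind, now):
    """Stateless check: signature, token type and expiry only, no storage lookup."""
    try:
        header, body, sig = token.split(".")
        expected = hmac.new(SECRET, f"{header}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, b64d(sig)):
            return None
        claims = json.loads(b64d(body))
    except (ValueError, TypeError):
        return None
    if claims.get("type") != kind or claims.get("exp", 0) <= now:
        return None
    return claims

def refresh(refresh_token, now):
    """Rotate: blacklist the presented refresh token and issue a new pair."""
    claims = verify(refresh_token, "refresh", now)
    if claims is None or claims["jti"] in blacklist:   # the one stateful lookup
        return None
    blacklist.add(claims["jti"])
    return (issue(claims["sub"], "access", ACCESS_TTL, now),
            issue(claims["sub"], "refresh", REFRESH_TTL, now))

def logout(refresh_token, now):
    """Server-side logout: blacklist the refresh token so it cannot be rotated."""
    claims = verify(refresh_token, "refresh", now)
    if claims is not None:
        blacklist.add(claims["jti"])
    return claims is not None
```

A blacklisted refresh token still passes `verify`, because its signature and expiry are intact; it is rejected only by code that consults the blacklist. An access token issued before logout stays usable until its `exp`, which is why short access lifetimes matter either way.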
Thanks Man!
thank you for being here :D
very very good👍👍👍
Hi Bryan! I hope you're well. Thanks for sharing your knowledge in this underrated series. I cloned the Git repo and have been following along but I am receiving 500 errors on the express routed GET requests ex. localhost:3000/api/users/verify and cannot register or login. I thought it may have been a CORS issue but now I am thinking possibly something with my server config? I printed a more verbose error: {"error":"Something went wrong when trying to verify login statusFetchError: request to localhost:8000/api/token/verify/ failed, reason: connect ECONNREFUSED ::1:8000"}. I appreciate any help I am new to React and Redux 😀
I have a love/hate relationship with computing. After several hours I finally figured it out. I had node -v v18.12.0 installed and all I had to do was downgrade to v16.17.1 and now everything is working wonderfully. Excited to watch the series again.
@markethd versioning issues are always fun haha
@bryanbrkic haha right. I now see why Docker is such an excellent solution for full-stack applications.