feat: implement custom user model with JWT authentication and registration endpoints

2026-05-04 08:56:52 +00:00 · 2026-04-09 14:10:52 +05:30
parent 6bf186806b
commit f1c3b3f9f2
14 changed files with 242 additions and 4 deletions
@@ -11,7 +11,9 @@ https://docs.djangoproject.com/en/6.0/ref/settings/
 """

 import os
+from datetime import timedelta
 from pathlib import Path
+
 import environ

 # Build paths inside the project like this: BASE_DIR / 'subdir'.
@@ -42,12 +44,13 @@ INSTALLED_APPS = [
    "django.contrib.sessions",
    "django.contrib.messages",
    "django.contrib.staticfiles",
-    "rest_framework", # for API
-    "corsheaders", # for API and Frontend connect
+    "rest_framework",  # for API
+    "corsheaders",  # for API and Frontend connect
+    "users",  # custom user app
 ]

 MIDDLEWARE = [
-    "corsheaders.middleware.CorsMiddleware", # allow frontend to connect
+    "corsheaders.middleware.CorsMiddleware",  # allow frontend to connect
    "django.middleware.security.SecurityMiddleware",
    "django.contrib.sessions.middleware.SessionMiddleware",
    "django.middleware.common.CommonMiddleware",
@@ -93,6 +96,22 @@ DATABASES = {

 CORS_ALLOWED_ORIGINS = env.list("CORS_ALLOWED_ORIGINS")

+AUTH_USER_MODEL = "users.User"
+
+REST_FRAMEWORK = {
+    "DEFAULT_AUTHENTICATION_CLASSES": ("rest_framework_simplejwt.authentication.JWTAuthentication",),
+    "DEFAULT_PERMISSION_CLASSES": ("rest_framework.permissions.IsAuthenticated",),
+}
+
+SIMPLE_JWT = {
+    "ACCESS_TOKEN_LIFETIME": timedelta(minutes=60),
+    "REFRESH_TOKEN_LIFETIME": timedelta(days=1),
+    "ROTATE_REFRESH_TOKENS": True,
+    "BLACKLIST_AFTER_ROTATION": True,
+    "AUTH_HEADER_TYPES": ("Bearer",),
+    "AUTH_TOKEN_CLASSES": ("rest_framework_simplejwt.tokens.AccessToken",),
+}
+

 # Password validation
 # https://docs.djangoproject.com/en/6.0/ref/settings/#auth-password-validators