John Owolabi Idogun

Authentication system using Python (Django) and SvelteKit

What I built

A performant, secure and reliable session-based authentication system with a Django backend and a SvelteKit frontend. CI is provided by GitHub Actions.

Category Submission

DIY Deployments

App Link

Its live version is here.

Description

This app uses minimal dependencies (pure Django, no REST API framework) to build secure, performant and reliable session-based authentication REST APIs, with 100% automated test coverage and static analysis that enforces uniform Python code standards. The APIs are consumed by a SvelteKit-based frontend application.

Users' profile images are uploaded directly to AWS S3 (in tests, we ditched S3 and used Django's InMemoryStorage for faster tests).

A custom password reset procedure was also incorporated, and Celery tasks handle sending the emails.

The front end is resilient, as it can mostly work without JavaScript. The user session is persisted until it is destroyed, and the experience gives a hybrid feel of an SPA and an MPA (termed #transitionalApps by Rich Harris).

Link to Source Code

It's hosted on GitHub as django-auth-backend:

Sirneij / django-auth-backend

Django session-based authentication system with SvelteKit frontend

django-auth-backend

Django session-based authentication system with SvelteKit frontend and GitHub Actions-based CI.

Run locally

  • To run the application, clone it:

    git clone https://github.com/Sirneij/django-auth-backend.git

    You can, if you want, grab its frontend counterpart.

  • Change the directory into the folder and create a virtual environment using either Python 3.9, 3.10 or 3.11 (tested against the three versions). Then activate it:

    ~django-auth-backend$ virtualenv -p python3.11 virtualenv
    ~django-auth-backend$ source virtualenv/bin/activate 

Permissive License

MIT

Background (What made you decide to build this particular app? What inspired you?)

A few days ago, I shared the series I wrote on building an authentication system using Rust (actix-web) and SvelteKit with my LinkedIn connections. One of my connections requested that I make a Django version. I obliged and here it is!

How I built it (How did you utilize GitHub Actions or GitHub Codespaces? Did you learn something new along the way? Pick up a new skill?)

The backend service was built using Django with a PostgreSQL database, Redis for session storage, and AWS S3 for file storage. The APIs were built without the use of external REST API frameworks such as Django REST framework. Data serialization and JSON responses were manually handled. Most of the views were made asynchronous. For testing, pytest and its ecosystem were heavily used. Mypy, Pylint and others were used for static analysis. GitHub Actions were used for automated testing, coverage reports and static analysis.

I learnt quite a few things:

  • Writing Django views with the async keyword and handling synchronous code in them
  • Manually handling and parsing multipart form data in a Django view using the scantily documented (if even documented) MultiPartParser.
  • Setting up and enforcing standard Python code styles with mypy, pylint, prospector, pep8, pyflakes and a host of other tools.
  • Manually encoding form data, and creating, uploading and deleting mock files during tests
  • Setting up and fixing issues with GitHub Actions for Django applications and using them to automatically test and analyze apps against different Python versions

Additional Resources/Info

This application is the Python (Django) version of this series. A series of articles will be written to explain how it was built. Watch out.

Top comments (2)

Bishwas Bhandari

Thanks for the post. I wanted some of your insights...

I have been using this Django SvelteKit template as it's based on svelte5 with django; has auth (register, login, forgot/reset password), forms-actions, mailing, toast/flash messages, validations and other essential features. It applies some awesome magic to bind django backend with sveltekit forms-actions, you do not have to write extra fetch calls, it just works.

Also, the fetch call gets super easy as it provides an $api/ alias to do that...

Ismail Zouaoui

@sirneij Thank you so much for this one John, it is much appreciated, God bless you