Mini-Build: Complete Auth System with Profiles

Build a complete authentication system: custom user model, registration with email, login/logout, user profiles with avatar uploads, and role-based access control. This combines all Module 7 concepts.

25 min•By Priygop Team•Updated 2026

Auth System Features

Custom User model with role and avatar
Registration with email validation
Login with email or username
Logout with flash message
User profile page with edit capability
Role-based access (student vs instructor)
Password change functionality
Session-based cart (bonus)

Complete Auth System

# Complete Authentication Flow

# accounts/models.py
# class CustomUser(AbstractUser):
#     email = models.EmailField(unique=True)
#     avatar = models.ImageField(upload_to='avatars/', blank=True)
#     role = models.CharField(max_length=20, choices=[
#         ('student', 'Student'), ('instructor', 'Instructor')
#     ], default='student')
#     bio = models.TextField(blank=True)

# accounts/views.py
# Register
# def register(request):
#     if request.method == 'POST':
#         form = RegistrationForm(request.POST)
#         if form.is_valid():
#             user = form.save()
#             login(request, user)
#             messages.success(request, 'Welcome!')
#             return redirect('profile')
#     return render(request, 'accounts/register.html', {'form': form})

# Profile
# @login_required
# def profile(request):
#     if request.method == 'POST':
#         form = ProfileForm(request.POST, request.FILES, instance=request.user)
#         if form.is_valid():
#             form.save()
#             messages.success(request, 'Profile updated!')
#             return redirect('profile')
#     else:
#         form = ProfileForm(instance=request.user)
#     return render(request, 'accounts/profile.html', {'form': form})

# Role-based access
# def instructor_required(view_func):
#     def wrapper(request, *args, **kwargs):
#         if not request.user.is_instructor:
#             messages.error(request, 'Instructor access required.')
#             return redirect('home')
#         return view_func(request, *args, **kwargs)
#     return wrapper

# accounts/urls.py
# urlpatterns = [
#     path('register/', views.register, name='register'),
#     path('profile/', views.profile, name='profile'),
#     path('login/', auth_views.LoginView.as_view(
#         template_name='accounts/login.html'), name='login'),
#     path('logout/', auth_views.LogoutView.as_view(), name='logout'),
# ]

Try It Yourself

Try It YourselfPython

Python Editor

✓ ValidTab = 2 spaces

# Build the complete auth system:
#
# 1. Create accounts app: python manage.py startapp accounts
# 2. Define CustomUser model (AbstractUser)
# 3. Set AUTH_USER_MODEL = 'accounts.CustomUser'
# 4. Run migrations (FIRST TIME â€” before any other migrations)
# 5. Create RegistrationForm (extend UserCreationForm)
# 6. Create login/register/profile views
# 7. Add EmailBackend for email login
# 8. Create templates for: register, login, profile
# 9. Add @login_required to protected views
# 10. Create superuser: python manage.py createsuperuser
# 11. Test: register, login, edit profile, logout

Output

Click ▶ Run to see the result

Edit the code on the left, then click Run (Ctrl+Enter)

Python|13 lines|591 chars|✓ Valid syntax

UTF-8

Tip

After registration, log the user in immediately with login(request, user) for a smooth UX flow.

Diagram

Loading diagram…

QuerySets are LAZY — no DB hit until evaluated.

Common Mistake

Warning

Not validating passwords during registration. Use Django's AUTH_PASSWORD_VALIDATORS for strength requirements.

Practice Task

Note

(1) Build complete auth flow: register, login, logout, profile. (2) Add password change/reset. (3) Add email verification.

Quick Quiz

Key Takeaways

Build a complete authentication system: custom user model, registration with email, login/logout, user profiles with avatar uploads, and role-based access control.
Custom User model with role and avatar
Registration with email validation
Login with email or username

Topics in This Module