Authentication
User registration and login system
Time Capsule uses Django's built-in authentication system for secure user management.
User Registration
New users can register with:
- Username - Unique identifier
- Email - For account recovery and notifications
- Password - Securely hashed using Django's password hashers
Registration Process
- Navigate to /register/
- Fill out the registration form
- Submit the form
- Redirected to login page on success
Passwords are automatically hashed using the PBKDF2 algorithm with SHA256.
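What the stored value looks like, as an added example that is not Time Capsule's own code: Django keeps a PBKDF2-SHA256 password as `pbkdf2_sha256$<iterations>$<salt>$<base64 hash>`, and the standard-library code below parses, verifies and audits that layout. The function names, the sample password and salt, and the `MIN_ITERATIONS` floor are assumptions made for this example.

```python
import base64
import hashlib
import hmac

# Assumed audit floor for this example; align it with your Django version's default.
MIN_ITERATIONS = 600_000


def encode_pbkdf2_sha256(password: str, salt: str, iterations: int) -> str:
    """Build a value in Django's '<algorithm>$<iterations>$<salt>$<hash>' layout."""
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt.encode(), iterations)
    b64 = base64.b64encode(digest).decode("ascii")
    return f"pbkdf2_sha256${iterations}${salt}${b64}"


def parse_encoded(encoded: str):
    """Split a stored value into (iterations, salt, hash); reject other formats."""
    parts = encoded.split("$")
    if len(parts) != 4 or parts[0] != "pbkdf2_sha256" or not parts[1].isdigit():
        raise ValueError("not a pbkdf2_sha256 encoded password")
    return int(parts[1]), parts[2], parts[3]


def verify_password(password: str, encoded: str) -> bool:
    """Recompute with the stored salt and iterations, then compare in constant time."""
    iterations, salt, _ = parse_encoded(encoded)
    candidate = encode_pbkdf2_sha256(password, salt, iterations)
    return hmac.compare_digest(candidate.encode(), encoded.encode())


def needs_rehash(encoded: str, minimum: int = MIN_ITERATIONS) -> bool:
    """Flag stored hashes whose work factor is below the audit floor."""
    iterations, _, _ = parse_encoded(encoded)
    return iterations < minimum


if __name__ == "__main__":
    # Constructed sample: password, salt and iteration count are made up for the demo.
    stored = encode_pbkdf2_sha256("constructed-password", "constructedsalt", 1000)
    print(stored)
    print("correct password:", verify_password("constructed-password", stored))
    print("wrong password:  ", verify_password("wrong-password", stored))
    print("needs rehash:    ", needs_rehash(stored))
```

Because the salt and iteration count travel with each hash, the work factor can be raised later without invalidating existing passwords; old entries are simply the ones `needs_rehash` flags.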
Login
Registered users can log in with:
- Username
- Password
Login Process
- Navigate to /login/
- Enter credentials
- Submit the form
- Redirected to dashboard on success
Session Management
- Sessions are managed by Django
- Users remain logged in across page visits
- Logout functionality available
- Session timeout configurable in settings
Security Features
Password Security
- Minimum length requirements
- Complexity validation
- Secure hashing (PBKDF2-SHA256)
- Protection against common passwords
Authentication Protection
- CSRF tokens on all forms
- Session hijacking prevention
- Secure cookie settings
- Login required decorators
Protected Routes
The following routes require authentication:
@login_required
- /dashboard/
- /capsule_create/
- /capsule_detail/<id>/
- /capsule_delete/<id>/
Attempting to access these without login redirects to the login page.
Admin Authentication
Admin users have additional privileges:
- Access to Django admin panel
- Manual email sending
- Email testing interface
- Full database access
Admin Check
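from django.contrib.auth.decorators import user_passes_test

# is_admin is the project's own check function; its definition is not shown on this page
@user_passes_test(is_admin)
def admin_only_view(request):
    # Only superusers can access
    pass
User Model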
Time Capsule uses Django's default User model:
from django.contrib.auth.models import User
User fields:
- username
- email
- password (hashed)
- first_name
- last_name
- is_staff
- is_superuser
- date_joined
Best Practices
- Never share your password
- Use a strong, unique password
- Log out on shared computers
- Keep your email address up to date