Custom User Authentication with Simple JWT in Django RESTful/

...

/

Registration Serializer

Registration Serializer

Learn how to create a serializer for registering custom users.

We'll cover the following...

There are three steps to register a user using Simple JWT:

  1. Implementing the serializer
  2. Implementing the view
  3. Implementing the endpoint

This lesson focuses on implementing the serializer.

The user registration serializer

Let’s create a serializer for user registration. The registration serializer can be understood as a piece of code responsible for:

  • Taking the bundle of data required to create a user.
  • Validating the data either automatically or manually depending on which serializer class we use, either ModelSerializer or Serializer.
  • Saving the user object instance.
  • Converting the object to a stream of data capable of being stored in the database (serializing).
  • Deserializing any data that we might want to return from the database after a user object is created.

Validation involves checking:

  • Whether each of the user inputs has the corresponding data types described in the model.
  • The constraints of the fields. After validation, the validated data is passed to either the create() or update() inbuilt functions, which can create or update a model instance, respectively. In our case, we only need the create() method in line 14, as we are using the data to create a new user instance (object).

This shows how serializers are similar to the Django Forms class. We could go further and compare the workings of the Form and ModelForm classes to the Django REST framework’s Serializer and ModelSerializer.

The RegistrationSerializer, in line 6 below, uses the ModelSerializer class for serialization. The ModelSerializer class has three advantages:

  • It automatically maps the serializer fields from the model fields for you, unlike Serializer, where we have to explicitly declare all the fields.
  • It automatically validates the generated fields.
  • It comes with inbuilt .create and .update, which are simpler to implement.

Let’s create the RegistrationSerializer class in serializers.py.

Press + to interact
from rest_framework import serializers
from django.contrib.auth import get_user_model
User = get_user_model()
class RegistrationSerializer(serializers.ModelSerializer):
    password = serializers.CharField(
        max_length=68, min_length=8, write_only=True)
    class Meta:
        model = User
        fields = ['email', 'password']
    def create(self, validated_data):
        return User.objects.create_user(**validated_data)

In the RegistrationSerializer above:

  • The User variable in line 4 stores the custom user model gotten from get_user_model(), enabling us to use it in the serializer.

  • The serializer password field in line 7 customizes the User model password field to make it more secure by setting a specific range of password input. For example, it can take a password as long as 68 characters max_length=68, but not less than eight characters min_length=8, and set write_only=True to prevent the password from being read.

  • The Meta class in lines 10–12 links the serializer to the User model. It also specifies the attributes for mapping the model to the serializer.

  • The create() in line 14 is an inbuilt method that uses the validated data from the serializer to create a User object.

We did not include the rest of the user fields from the User model to the user RegistrationSerializer because these fields are filled by default. We can see the default values in the brackets of each field below.

Press + to interact
    is_verified = models.BooleanField(default=False)
    is_active = models.BooleanField(default=False)
    is_staff = models.BooleanField(default=False)
    created_at = models.DateTimeField(auto_now_add=True)

So, when we add the email and set the password, the rest are taken care of. Otherwise, if we want to map all the fields instead of just the email field, we would use the __all__ parameter for fields in our Meta class.

Note: there are two unspaced underscores on both sides of all.

Press + to interact
    class Meta:
        model = User
        fields = '__all__'

With this, we can provide values for the other fields when making the user registration API request. However, with our current settings, all we need to provide for a user creation is a password and an email address.

The user needs an activation link to enable the user’s login by setting the is_active and is_verified statuses to True.

Note: The user’s is_active and is_verified statuses are set to False by default when the user gets registered.

Try it

In the code widget below, let’s try what we have learned in this lesson:

  1. Add the required imports.
  2. Create the user registration serializer in serializers.py.

Adding the registration serializer class
We have only implemented the user registration serializer, so the code above shows no output.


 Ask