Gestor de Tareas Django delegates all authentication to Django’s built-in authentication framework. There are no custom login models, no API tokens, and no third-party OAuth providers — just the standardDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/LucPinheiro/gestor-tarea-django/llms.txt
Use this file to discover all available pages before exploring further.
User model, session cookies, and LoginView/LogoutView class-based views wired up in mi_proyecto/urls.py. This keeps the security surface small and lets you manage users entirely through the Django admin.
Logging In
The login page is served at the root URL/ using Django’s built-in LoginView with a custom template.
mi_proyecto/urls.py is:
Open the login page
http://127.0.0.1:8000/. Unauthenticated users land here automatically when they try to access any protected view.Enter your credentials
Submit and redirect
LOGIN_REDIRECT_URL, which is set to /tareas/. You will land on the Kanban view of your task list.If the credentials are invalid, the login page re-renders with a validation error and no session is created.Logging Out
Logout is handled by Django’s built-inLogoutView at /logout/.
Send a POST request to /logout/
LogoutView requires a POST request to invalidate the session. This is enforced to prevent cross-site request forgery (CSRF) logout attacks. The logout link or button in the application includes a CSRF token.Protected Views
Most views require an active login session. The@login_required decorator is applied at the function level in tareas/views.py. Requests from unauthenticated users are redirected to LOGIN_URL = 'login', which resolves to /.
Views decorated with @login_required
lista_tareas — GET /tareas/
lista_tareas — GET /tareas/
?vista=kanban) and list (?vista=lista) modes. Requires login to prevent public access to the full task database.detalle_tarea — GET /detalle/<id>/
detalle_tarea — GET /detalle/<id>/
Tarea. Login is required because the detail page also exposes the edit, delete, and export controls.editar_tarea — GET /editar/<id>/ and POST /editar/<id>/
editar_tarea — GET /editar/<id>/ and POST /editar/<id>/
eliminar_tarea — GET /eliminar/<id>/ and POST /eliminar/<id>/
eliminar_tarea — GET /eliminar/<id>/ and POST /eliminar/<id>/
GET) and executes the deletion (POST). Both request methods require login.exportar_csv — GET /exportar/?tarea_id=<id> and POST /exportar/
exportar_csv — GET /exportar/?tarea_id=<id> and POST /exportar/
importar_csv — GET /importar/ and POST /importar/
importar_csv — GET /importar/ and POST /importar/
GET) and processes the uploaded file (POST). Requires login to prevent unauthorised bulk data creation.cambiar_estado_simple — GET /cambiar-estado/<id>/<estado>/
cambiar_estado_simple — GET /cambiar-estado/<id>/<estado>/
cambiar_prioridad — GET /tareas/<id>/prioridad/<prioridad>/
cambiar_prioridad — GET /tareas/<id>/prioridad/<prioridad>/
Views without @login_required
@login_required in the current source code:crear_tareaat/crear/— unauthenticated users can access the task creation form and submit new tasks without logging in.eliminar_tareas_seleccionadasatPOST /eliminar-seleccionadas/— unauthenticated users can submit a bulk-delete request without logging in.
@login_required decorator to both crear_tarea and eliminar_tareas_seleccionadas in tareas/views.py.Creating Users
Gestor de Tareas Django does not include a self-service user registration page. New user accounts must be created by an administrator using one of the two methods below.- Superuser (CLI)
- Additional users (Admin panel)
/ (the app) and /admin/ (the Django admin).