gubrus50/django5-tutorial

Purpose

The goal of this project is to support learning of the Django framework, with a primary focus on backend development. Along the way, it incorporates a variety of external services to meet different functional requirements. While the app is fundamentally backend-driven, certain advanced features—such as multi-factor authentication (MFA), donation payments, and user account deletion—introduce significant frontend complexity. As such, a solid understanding of JavaScript is recommended before exploring these sections: JavaScript Intermediate Docs

Disclaimer

I am still a learner myself. Throughout development, I encountered and had to adopt many unfamiliar methodologies, which may have introduced occasional mistakes or inconsistencies in the documentation. Nevertheless, the process has been incredibly educational, and I hope others will find value in the experience and insights shared.

Documentation & Project

To get started, simply download Django.pdf,
or open it via OneDrive: Django Tutorial 2025.pdf, and follow the instructions inside.

NOTE:

  • I recommend opening the file in two-page view on a separate monitor for easier navigation.

  • This project was mainly developed and tested in a Linux-based environment: RedHat family - Fedora.

  • This project is built using the latest stable release of Django and up-to-date pip packages as of July 2025. All dependencies have been actively maintained to ensure compatibility, security, and modern development practices.

  • This project makes extensive use of Bootstrap 5 components, which—while widely supported—may no longer be the preferred choice for building modern, scalable applications, especially given the recent shift in popularity toward Tailwind CSS.

    Nonetheless, I discovered several useful packages that simplified development and complemented Bootstrap's design system. They also helped streamline the documentation by saving visual and layout space, making the learning process more approachable.

Key Features

  1. Login User
  2. Register User
  3. Models
  4. Multi-Factor Authentication
  5. Remove User
  6. Chat Rooms
  7. Payments
  8. Errors
  9. Contacting Support

More features are found within the documentation.


Login User


Logged-in users may revisit the login page to sign in as a different user; doing so will log out the current session.
For accounts with MFA enabled, an OTP must be provided via authenticator app, email, or SMS.
To prevent spamming, additional OTP requests are throttled with a 45-second cooldown.
If required input fields from the MFA modal form are tampered with before submission (e.g. via HTML manipulation), a technical error will be displayed.
⚠️ A user's contact details—such as their phone number and email address—are masked using asterisk symbols * during MFA login to provide minimal feedback and protect personal data.
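Added example (not code from this repository) of the two behaviours described above: the 45-second cooldown on OTP requests and asterisk masking of contact details. The class and function names, the in-memory store, and how many characters stay visible are assumptions made for illustration.

```python
import time

OTP_COOLDOWN_SECONDS = 45  # cooldown stated in this README


class OtpThrottle:
    """Allow one OTP dispatch per key (e.g. "user_id:channel") per cooldown window."""

    def __init__(self, cooldown=OTP_COOLDOWN_SECONDS, clock=time.monotonic):
        self.cooldown = cooldown
        self.clock = clock
        # Assumption: process-local dict; several workers would need a shared cache.
        self._last_sent = {}

    def request(self, key):
        """Return (allowed, seconds_to_wait). Rejected requests do not extend the window."""
        now = self.clock()
        last = self._last_sent.get(key)
        if last is not None and now - last < self.cooldown:
            return False, self.cooldown - (now - last)
        self._last_sent[key] = now
        return True, 0


def mask_email(address, keep=1):
    """Star the local part except its first `keep` characters; keep the domain."""
    local, sep, domain = address.partition("@")
    if not sep:
        return "*" * len(address)  # not an email address: reveal nothing
    visible = local[:keep] if len(local) > keep else ""
    return visible + "*" * (len(local) - len(visible)) + "@" + domain


def mask_phone(number, keep_last=2):
    """Star every digit except the last `keep_last`; keep '+' and spacing."""
    total_digits = sum(ch.isdigit() for ch in number)
    seen, out = 0, []
    for ch in number:
        if ch.isdigit():
            seen += 1
            out.append(ch if seen > total_digits - keep_last else "*")
        else:
            out.append(ch)
    return "".join(out)
```

The throttle decision and the masking both belong on the server: the page only ever receives the masked string, so inspecting the MFA modal's HTML reveals nothing more.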

Register User


Visiting clients can register new users and optionally set a profile image during registration. Once registered, users are authenticated automatically and redirected to the main page. From their profile page, they can update their photo, password, and other account details at any time. If no image is provided, a default template image is automatically assigned.
To handle media storage efficiently, the application integrates with Amazon S3 buckets. This setup ensures profile pictures are stored securely and reliably, leveraging AWS's globally distributed, scalable infrastructure. Offloading image management to S3 also simplifies server logic and improves performance across deployments.
This app can optionally protect clients of all ages by filtering out profiles with NSFW images using a third-party service: DeepAI
Users can delete their account anytime from the profile page, giving them full control over their data and online presence.

Models


To register a new model, the user must be logged in and click the Add Model link on the main page. They will be redirected to a form to create the model. Upon successful submission, they are returned to the main page and can delete their models at any time from there.

Users can search for models using the search input. Search results may include their own models as well as those created by other users. Available filters include:

  • No creator
  • Creator username
  • Creator ID
  • Country code

Depending on the selected filter, an additional input field may appear. For example, selecting “Creator ID” prompts the user to provide the corresponding ID.
Model creation is gated behind a reCAPTCHA challenge to prevent spam and abusive requests. This safeguard helps protect the integrity and performance of the application's services.
Models are loaded in batches of five per request via infinite scroll. Relevant models matching the search criteria are displayed first. As users scroll further, additional—possibly irrelevant—models will appear beneath the initial results.

Multi-Factor Authentication


To activate multi-factor authentication (MFA), ensure your profile includes a current mobile number and email address.
Verification codes will be sent to both, and must be validated before MFA can be enabled.
Users can disable MFA at any time from their profile page. Since this is a critical security setting, they will be prompted to confirm their password as a safeguard.
⚠️ MFA is currently enforced via CustomLoginView() only. Django’s default admin login bypasses this mechanism. To maintain consistent authentication security, consider routing admin login through the custom view—or disabling access to the admin panel "login" site entirely.
⚠️ This application utilizes Zoho and Twilio services to send One-Time Password (OTP) codes.

Remove User


Users can remove their account at any time from the profile page. Because this is a critical action, password confirmation is required to proceed.

Upon successful verification, a feedback panel appears displaying:

  • A countdown indicating when the account is scheduled for deletion
  • Optional technical reassessment details, accessible via a dropdown
  • Key instructions outlining what users should know before and after the deletion is finalized
  • Links to the site's privacy policy and terms & conditions for reference

Users may cancel the deletion schedule at any point before the countdown completes—no password verification required. Canceling the schedule resets the countdown; if reinitiated, a fresh 30-day deletion interval begins.

Account deletions are handled by a background scheduler running on a separate server. Eligible accounts are processed every 15 minutes. A secondary fallback scheduler ensures full deletion in case of interruptions or failure in the primary task.
⚠️ Once an account is deleted, it cannot be recovered—including any third-party integrations such as the associated Stripe customer account used for payments.

Chat Rooms


The platform supports real-time conversations using ASGI and WebSockets.

To start a direct chat, users can visit another user's profile and click the Direct Message button located below their profile picture.

  • If a chatroom already exists between the two users, the logged-in user is redirected there.
  • If not, a new direct chatroom is created automatically.

Users can revisit their active conversations anytime via the My Chats dropdown on their own profile page.

A public chatroom also exists, but it’s not currently linked on any page. To access it manually, navigate to: localhost:8000/chat/

The same goes for accessing other users, just use: localhost:8000/users/profile/USER_ID


⚠️ Conversations are not end-to-end encrypted. Messages can be viewed via the admin panel and should not be considered private.
🗑️ Chat histories associated with deleted users are automatically removed from the system.

Payments


There are two payment flows available via Stripe: Buy Plan and Donate. Both are accessible only to authenticated users:

  • Buy Plan: localhost:8000/buy-plan
  • Donate: localhost:8000/donate

Buy Plan

Users select from predefined plans via a dropdown. Backend validation enforces the selection, ensuring secure, tamper-proof payments.


Donate

This page allows users to enter a custom donation amount. Key features include:

  • Polish-language support for all labels and error messages
  • Localized country selector with flags for enhanced UX
  • Address input with country-aware postcode validation
  • Postcode patterns and available countries configurable via JSON
  • Country exclusions enforced (e.g. Russia, North Korea)

Although the example image shows a full address line, this feature is disabled in the current live implementation. Developers can manually re-enable it as needed.
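Added example (not the project's code) of country-aware postcode validation driven by a JSON configuration, with excluded countries rejected on the server. The JSON keys, the sample patterns, the 16-character length cap, and the error codes are constructed for illustration; the project's real configuration file is not shown in this README.

```python
import json
import re

# Constructed sample configuration (assumption: key names and patterns).
SAMPLE_CONFIG = json.loads(r"""
{
  "excluded": ["RU", "KP"],
  "postcode_patterns": {
    "PL": "\\d{2}-\\d{3}",
    "GB": "[A-Z]{1,2}\\d[A-Z\\d]? ?\\d[A-Z]{2}",
    "US": "\\d{5}(-\\d{4})?"
  }
}
""")


class AddressError(ValueError):
    """Raised with a short machine-readable code as its message."""


def validate_address(country, postcode, config=SAMPLE_CONFIG):
    """Return the normalised (country, postcode) or raise AddressError.

    Runs server-side, so it still holds when the country selector or the
    client-side pattern check is bypassed with a hand-crafted request.
    """
    country = country.strip().upper()
    if country in config["excluded"]:
        raise AddressError("country_excluded")
    pattern = config["postcode_patterns"].get(country)
    if pattern is None:
        # Allow-list: a country code missing from the config is rejected.
        raise AddressError("country_unsupported")
    postcode = postcode.strip().upper()
    # fullmatch anchors both ends, so trailing junk or embedded newlines fail.
    if len(postcode) > 16 or not re.fullmatch(pattern, postcode):
        raise AddressError("postcode_invalid")
    return country, postcode
```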



✅ Upon payment completion, users are greeted with a confirmation screen and may redirect themselves back to the homepage.
⚠️ Each user is tied to a Stripe customer ID. If absent, a new account is auto-generated when accessing the page—even if a prior account was unlinked.

Errors


  • 400 Bad Request
    The server couldn’t understand the request due to malformed syntax. Example: Submitting a form with missing or invalid fields, or a malformed JSON payload.

  • 403 Forbidden
    The server understood the request but refuses to authorize it. Example: Accessing a restricted admin page without proper credentials.

  • 404 Not Found
    The requested resource couldn’t be found.
    Example: A mistyped URL, or visiting a deleted page.

  • 500 Internal Server Error
    A generic error indicating something went wrong on the server side. Example: Unhandled exception, misconfigured middleware, or a broken database query.


⚠️ These error pages are shown only when DEBUG = False in your settings.py. When DEBUG = True, Django displays detailed debug pages instead, which are useful during development for diagnosing issues.

Contacting Support


All users — whether logged in or not — can reach the support team via the direct URL: http://localhost:8000/contact.

To streamline communication, the form includes:

  • 📝 A pre-formatted message template
  • 🗂️ A selection of subject options to help route inquiries efficiently
  • 📧 A required client email field so our support team can follow up with a response

The contact form is protected by reCAPTCHA to block spam and automated abuse. Submissions are sent via a bot email connected to Zoho Mail, and repeated spam can trigger account suspension. That’s why keeping this protection in place is essential.
⚠️ The page is not currently linked in the UI and must be accessed manually.
