In Part 4, we built user profiles and assigned permissions. Now, it’s time to give users their own dashboard to manage content. Each user will be able to view, edit, and delete only their own posts.
What You’ll Learn
- Create a personal dashboard for logged-in users
- Filter content based on the logged-in user
- Add update and delete functionality
- Secure views so users can’t edit others’ data
Step 1: Filter Posts by Logged-in User
In views.py:

```python
from django.contrib.auth.decorators import login_required
from django.shortcuts import render

from .models import Post


@login_required
def dashboard(request):
    # Only the logged-in user's posts are queried, never the full table.
    user_posts = Post.objects.filter(author=request.user)
    return render(request, 'myapp/dashboard.html', {'posts': user_posts})
```
Step 2: Add Author Field to Post Model
In models.py:

```python
from django.contrib.auth.models import User
from django.db import models


class Post(models.Model):
    title = models.CharField(max_length=100)
    content = models.TextField()
    # Owner of the post; the dashboard, edit and delete views filter on this.
    author = models.ForeignKey(User, on_delete=models.CASCADE)

    def __str__(self):
        return self.title
```
Run:
```bash
python manage.py makemigrations
python manage.py migrate
```
Step 3: Modify Post Creation to Set Author
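In your create view:

```python
from django.contrib.auth.decorators import login_required
from django.shortcuts import redirect, render

from .forms import PostForm  # assumes PostForm lives in forms.py


@login_required  # post.author must be a real user, not AnonymousUser
def create_post(request):
    if request.method == 'POST':
        form = PostForm(request.POST)
        if form.is_valid():
            # Set the author server-side; never take it from submitted form data.
            post = form.save(commit=False)
            post.author = request.user
            post.save()
            return redirect('dashboard')
    else:
        form = PostForm()
    return render(request, 'myapp/create_post.html', {'form': form})
```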
Step 4: Create Dashboard Template
In templates/myapp/dashboard.html:

```html
<h2>My Posts</h2>
<a href="{% url 'create_post' %}">Create New Post</a>

{% for post in posts %}
  <div>
    <h3>{{ post.title }}</h3>
    <a href="{% url 'edit_post' post.id %}">Edit</a> |
    <a href="{% url 'delete_post' post.id %}">Delete</a>
  </div>
{% empty %}
  <p>No posts yet.</p>
{% endfor %}
```
Step 5: Add Edit and Delete Views
In views.py:

```python
from django.contrib.auth.decorators import login_required
from django.shortcuts import get_object_or_404, redirect, render

from .forms import PostForm  # assumes PostForm lives in forms.py
from .models import Post


@login_required
def edit_post(request, pk):
    # Looking up by pk AND author returns 404 for posts owned by someone else.
    post = get_object_or_404(Post, pk=pk, author=request.user)
    form = PostForm(request.POST or None, instance=post)
    if form.is_valid():
        form.save()
        return redirect('dashboard')
    return render(request, 'myapp/edit_post.html', {'form': form})


@login_required
def delete_post(request, pk):
    post = get_object_or_404(Post, pk=pk, author=request.user)
    # Delete only on POST; a GET just renders the confirmation page.
    if request.method == 'POST':
        post.delete()
        return redirect('dashboard')
    return render(request, 'myapp/delete_post.html', {'post': post})
```
Step 6: Add URLs
In myapp/urls.py:

```python
# Add these routes to the existing urlpatterns list:
path('dashboard/', views.dashboard, name='dashboard'),
path('edit/<int:pk>/', views.edit_post, name='edit_post'),
path('delete/<int:pk>/', views.delete_post, name='delete_post'),
```
Step 7: Create Edit and Delete Templates
edit_post.html:
```html
<h2>Edit Post</h2>

<form method="POST">
  {% csrf_token %}
  {{ form.as_p }}
  <button type="submit">Save Changes</button>
</form>
```
delete_post.html:
```html
<h2>Are you sure you want to delete "{{ post.title }}"?</h2>

<form method="POST">
  {% csrf_token %}
  <button type="submit">Yes, Delete</button>
  <a href="{% url 'dashboard' %}">Cancel</a>
</form>
```
Conclusion
You’ve successfully created a user dashboard where authenticated users can manage their own content. This is a crucial step toward building real-world apps like blogs, portals, or admin panels.
Coming in Part 6: Learn how to upload and display media files like images and documents!