target file /base/template/base/task_list.html

C:\Users\wue\Documents\GitHub\Django-To-Do-list-with-user-authentication>python manage.py
Traceback (most recent call last):
File "C:\Users\wue\Documents\GitHub\Django-To-Do-list-with-user-authentication\manage.py", line 10, in main
from django.core.management import execute_from_command_line
ModuleNotFoundError: No module named 'django'

Password not complex enough or not matching errors are not visible at registration, it just refreshes the screen. Any idea how to fix this?

Hey I know this is a sample project but I can't help myself. I found out that this web application has a IDOR vulnerability.
IDOR refers to indirect object reference, inshort any user can manipulate data of other users by just changing the id of the task.
For example: if you go on to create 2 users and each have 1 task, the second user can delete the task of the first user just by referencing the task id in the delete request. I think the restrictions should be in place for this to avoid it.

I am attaching a poc which shows how to delete another user's list item

base.Task: (models.W042) Auto-created primary key used when not defining a primary key type, by default 'django.db.models.AutoField'.
HINT: Configure the DEFAULT_AUTO_FIELD setting or the BaseConfig.default_auto_field attribute to point to a subclass of AutoField, e.g. 'django.db.models.BigAutoField'.