Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
ArsLonga2020-04-13 21:07:07
Django
ArsLonga, 2020-04-13 21:07:07

Why might Django authenticate fail to hash the password?

Hello. There was a problem with the user authorization system in Django. Everything worked, but now for some reason the authenticate and login functions do not hash the password received from the form.
View for authorization:

def user_login(request):
if request.method == "POST":
    form = Login(request.POST)
    if form.is_valid():
        form_clean = form.cleaned_data
        user_login = form_clean['login']
        user_password = form_clean['password']
        print(user_password)
        user = authenticate(username=user_login, password=user_password)
        if user is not None:
            login(request, user)
            success_text = "Вы успешно вошли в систему."
            return render(request, 'login.html', context={'success':success_text})
        else:
            form = Login()
            err_message = 'Неправильная пара логин/пароль'
            return render(request, 'login.html', context={'login':form, 'err':err_message})
else:
    form = Login()
    return render(request, 'login.html', context={'login':form})


View for registration:
def registrate(request):
if request.method == "POST":
    registr_user = Registr(request.POST)
    if registr_user.is_valid():
        user = registr_user.save(commit=False)
        user.set_password(registr_user.cleaned_data['password'])
        user.save()
        login(request, user)
        return HttpResponseRedirect(reverse('main'))
    else:
        registr_user = Registr()
        return render(request, 'registration.html', context={'form':registr_user})
else:
    registr_user = Registr()
    return render(request, 'registration.html', context={'form':registr_user})


In addition, two signals are hung on the user model that extends the standard User:
The first one is when creating a new User object, I create a new MyUser object:
@receiver(post_save, sender=User)
def create_user_profile(sender, instance, created, **kwargs):
if created:
    MyUser.objects.create(user=instance, id=instance.id)

The second - when changing the MyUser password, I change the password for User:
@receiver(post_save, sender=MyUser)
def change_user_data(sender, instance, **kwargs):
    user = User.objects.get(id = instance.id)
    user.set_password(instance.password)
    user.save()

As a result, text password authorization works for the admin, and works for users after changing their passwords through the Dzhang admin panel. Also, before changing the password of users in the admin panel, I can log into their accounts using a hashed password.
Prompt, in what there can be a business. For the third day I can not solve this problem.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
D
dimastbk, 2020-04-14
@ArsLonga

MyUser.password apparently stores the hashed password (or are you storing it in plaintext?). And with User.set_password() you get a hash from the hash

Similar questions
K
Konstantin2017-06-26 14:22:13
Is there a bugless equivalent of Punto Switcher for Mac OS Sierra? 3Reply
Z
Zenko2017-09-12 15:00:43
Which module of those. support choose for the site? 2Reply
N
NeedSomeBackup2021-03-26 17:23:15
How to make spaces invisible when exporting CSV in Django? 1Reply
S
Sergey Protasov2019-09-09 13:49:33
Can anyone suggest a question and answer application in Django? 1Reply
H
hardwellZero2015-04-12 16:34:42
How to handle click on submit? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question