0

In Django documentation, it says that it hashes the password but is not saving it, so I have to save it, as I did. If I create a superuser then everything is ok, but when I try to create a user account, the password gets saved unhashed into the database. I try to use make_password, but that doesn't work either, I get the same result. Do you have any idea?

models.py

from django.contrib.auth.hashers import make_password from django.contrib.auth.models import AbstractBaseUser, PermissionsMixin, BaseUserManager from datetime import datetime from django.core.validators import MinLengthValidator from .CHOICES import * from django.utils.translation import gettext_lazy as _ from django.db import models # Create your models here. country_choice = COUNTRY_CHOICE class CustomAccountManager(BaseUserManager):

Here is the custom user model.

def create_superuser(self, email, username, first_name, password, **other_fields): other_fields.setdefault('is_staff', True) other_fields.setdefault('is_superuser', True) other_fields.setdefault('is_active', True) if other_fields.get('is_staff') is not True: raise ValueError('Superuser must be assigned to is_staff=True.') if other_fields.get('is_superuser') is not True: raise ValueError('Superuser must be assigned to is_superuser=True.') return self.create_user(email, username, first_name, password, **other_fields)

Here is the user model.

def create_user(self, email, username, first_name, password, **other_fields): if not email: raise ValueError(_('You must provide an email address')) email = self.normalize_email(email) user = self.model(email=email, username=username, first_name=first_name, **other_fields) user.set_password(password) # user.make_password(self.request.data[password]) user.save() return user class NewUser(AbstractBaseUser, PermissionsMixin): email = models.EmailField(_('email address'), unique=True) username = models.CharField(max_length=50, validators=[MinLengthValidator(8)], unique=True) first_name = models.CharField(max_length=30, validators=[MinLengthValidator(3)], blank=False) middle_name = models.CharField(max_length=30, blank=True) last_name = models.CharField(max_length=30, validators=[MinLengthValidator(3)], blank=False) # date_of_birth = models.DateField(blank=True) # month = models.IntegerField(validators=[MinValueValidator(1), MaxValueValidator(12)], blank=False) # year = models.IntegerField(validators=[MinValueValidator(1942), MaxValueValidator(2017)], blank=False) # gender model GENDER_CHOICES = ( ('M', 'Male'), ('F', 'Female'), ('O', 'Other'), ) gender = models.CharField(max_length=1, choices=[('M', 'Male'), ('F', 'Female'), ('O', 'Other')], blank=False) country = models.CharField(max_length=2, choices=COUNTRY_CHOICE, blank=False) datetime = models.DateTimeField(default=datetime.now()) objects = CustomAccountManager() is_staff = models.BooleanField(default=False) is_active = models.BooleanField(default=False) USERNAME_FIELD = 'username' REQUIRED_FIELDS = ['email', 'first_name'] def __str__(self): return self.username

Then I have forms.py

from django.forms import ModelForm, TextInput, EmailInput, PasswordInput from .models import NewUser class Person(ModelForm): class Meta: model = NewUser fields = ["username", "email", "first_name", "middle_name", "last_name", "gender", "country", "password"]

And views.py

def register(request): if request.user.is_authenticated: return redirect('profiles') else: if request.method == 'POST': form_one = Person(request.POST) Person() if form_one.is_valid(): form_one.save() username = form_one.cleaned_data.get("username") messages.success(request, f"Account created for {username}!") return redirect("login_user") else: form_one = Person() return render(request, "accounts/register.html", {"form_one": form_one})

I don't understand what's wrong. Sorry for anything that might upset you, I'm new with Django, and I can't say I'm a python expert, but I try my best. Thank you very much in advance! Github link to the whole project https://github.com/RazzTazz28/Django-Atlas.

Improve this question

1 Answer 1

Reset to default
1

you have to save the user after set_password. Set password only creates a hashed pasword, you have to save it

if (request.method == 'POST'): username = request.POST.get('username') password = request.POST.get('password') user = User.objects.create_user( email=email, name=username, password=password, ) user.set_password(password) user.save()
Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

Thank you for answering. I don't know where I can find the validated_data parameter. My model doesn't extend the User model, I figure out that I have to create a custom form since I created a custom model. By default, set_password should hash the password, but I guess that the form I have right now cancels that function for some reason. Not sure though.
But I call user.save() right after set_password. I split the code with a comment, I apologize, I will edit the question right away.
see edited answer this os the system to register with hashed password
Lol is actually working! Thank you very much, you are my hero!! Just a small question. Is request.POST.get safe for password management?
if you use https protocol its save

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.