django自定义用户模型密码没有被散列 [英] django custom user model password is not being hashed

问题描述

我有自己的自定义用户模型，也有自己的经理.

I have my own custom User model, and its own Manger too.

型号:

class MyUser(AbstractBaseUser, PermissionsMixin):
    email = models.EmailField(max_length=255, unique=True)
    first_name = models.CharField(max_length=35)
    last_name = models.CharField(max_length=35)
    username = models.CharField(max_length=70, unique=True)
    date_of_birth = models.DateField()
    is_active = models.BooleanField(default=True)
    is_admin = models.BooleanField(default=False)

    @property
    def is_staff(self):
        return self.is_admin

    def get_full_name(self):
        return ('%s %s') % (self.first_name, self.last_name)

    def get_short_name(self):
        return self.username

    objects = MyUserManager()
    USERNAME_FIELD = 'email'
    REQUIRED_FIELDS = ['first_name', 'last_name', 'username', 'date_of_birth']

经理:

class MyUserManager(BaseUserManager):
    def create_user(self, email, first_name, last_name, username, date_of_birth, password=None, **kwargs):
        if not email:
            raise ValueError('User must have an email address')

        user = self.model(
            email=self.normalize_email(email),
            first_name=first_name,
            last_name=last_name,
            username=username,
            date_of_birth=date_of_birth,
            **kwargs
        )
        user.set_password(self.cleaned_data["password"])
        user.save(using=self._db)
        return user

    def create_superuser(self, email, first_name, last_name, username, date_of_birth, password, **kwargs):
        user = self.create_user(
            email,
            first_name=first_name,
            last_name=last_name,
            username=username,
            date_of_birth=date_of_birth,
            password=password,
            is_superuser=True,
            **kwargs
        )
        user.is_admin = True
        user.save(using=self._db)
        return user

创建新用户时一切正常，没有任何错误.但是，当我尝试登录时无法.因此，我检查了用户的密码以进行确认，并且密码显示为纯文本 strongpassword ，并且当更改管理表单以使用 ReadOnlyPasswordHashField 获取哈希密码时，我在密码字段，即使我在 create_user()函数中为Manger使用了 set_password().

Everything works when creating a new user without any errors. But when I try to login I can't. So I checked the user's password to confirm and the password is displayed as plain text strongpassword, and when changed admin form to get the hashed password using ReadOnlyPasswordHashField I get an error inside the password field, even though I used set_password() for the Manger inside the create_user() function.

无效的密码格式或未知的哈希算法

Invalid password format or unknown hashing algorithm

但是，如果我手动为该用户执行 set_password('strongpassword')，则会对其进行哈希处理.您能帮我解决这个问题吗?谢谢.

However, if I manually do set_password('strongpassword') for that user it is then hashed. Could you please help me solve this problem. Thank you.

推荐答案

您似乎以不使用经理的 create_user 方法的方式创建了用户，例如通过Django admin.

It looks like you created a user in a way that does not use your manager's create_user method, for example through the Django admin.

如果创建自定义用户，则需要定义一个自定义模型表单和模型admin，以正确处理密码.

If you create a custom user, you need to define a custom model form and model admin that handles the password properly.

否则，通过Django管理员创建用户时，密码不会散列.

Otherwise, passwords will not hashed when a user is created through the Django admin.

文档中的示例创建自定义用户说明了如何创建模型表单和模型管理员.

The example in docs for creating a custom users shows how to create the model form and model admin.

这篇关于django自定义用户模型密码没有被散列的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！