256
The correct way to create a user in Django is to use the create_user function. This will handle the hashing of the password, etc..
from django.contrib.auth.models import User
user = User.objects.create_user(username='john',
email='jlennon@beatles.com',
password='glass onion')
24
Have you confirmed that you are passing actual values and not None?
from django.shortcuts import render
def createUser(request):
userName = request.REQUEST.get('username', None)
userPass = request.REQUEST.get('password', None)
userMail = request.REQUEST.get('email', None)
# TODO: check if already existed
if userName and userPass and userMail:
u,created = User.objects.get_or_create(userName, userMail)
if created:
# user was created
# set the password here
else:
# user was retrieved
else:
# request was empty
return render(request,'home.html')
- [Django]-Get the latest record with filter in Django
- [Django]-Django rest framework serializing many to many field
- [Django]-Good open source django project for learning
15
Bulk user creation with set_password
I you are creating several test users, bulk_create is much faster, but we can’t use create_user with it.
set_password is another way to generate the hashed passwords:
def users_iterator():
for i in range(nusers):
is_superuser = (i == 0)
user = User(
first_name='First' + str(i),
is_staff=is_superuser,
is_superuser=is_superuser,
last_name='Last' + str(i),
username='user' + str(i),
)
user.set_password('asdfqwer')
yield user
class Command(BaseCommand):
def handle(self, **options):
User.objects.bulk_create(iter(users_iterator()))
Question specific about password hashing: How to use Bcrypt to encrypt passwords in Django
Tested in Django 1.9.
- [Django]-How exactly do Django content types work?
- [Django]-Serving Media files during deployment in django 1.8
- [Django]-Django auto_now and auto_now_add
6
If you creat user normally, you will not be able to login as password creation method may b different
You can use default signup form for that
from django.contrib.auth.forms import UserCreationForm
You can extend that also
from django.contrib.auth.forms import UserCreationForm
class UserForm(UserCreationForm):
mobile = forms.CharField(max_length=15, min_length=10)
email = forms.EmailField(required=True)
class Meta:
model = User
fields = ['username', 'password', 'first_name', 'last_name', 'email', 'mobile' ]
Then in view use this class
class UserCreate(CreateView):
form_class = UserForm
template_name = 'registration/signup.html'
success_url = reverse_lazy('list')
def form_valid(self, form):
user = form.save()
- [Django]-When to use get, get_queryset, get_context_data in Django?
- [Django]-How to access outermost forloop.counter with nested for loops in Django templates?
- [Django]-Django Cannot set values on a ManyToManyField which specifies an intermediary model. Use Manager instead
1
If you simply use object.save() to create user, the raw password will be directly visiable inside the database.
First, not secure.
Second, the encryption of the password is not done, causing the decryptor will use the raw password inside your database to decrypto a wrong password, which makes logging in impossible.
I guess every time you use authenticate function from django.contrib.auth, you are actually using the decryptor of it.
And yes, I guess everytime you signing in, your password need to get decrypted again.
- [Django]-Django set default form values
- [Django]-How to set the timezone in Django
- [Django]-Speeding up Django Testing
0
You can create a super user from the command line. Make sure you have run migraitons
python manage.py createsuperuser –username=joe –email=joe@example.com
Link to docs: https://docs.djangoproject.com/en/4.2/topics/auth/default/
- [Django]-URL-parameters and logic in Django class-based views (TemplateView)
- [Django]-Django REST Framework – 405 METHOD NOT ALLOWED using SimpleRouter
- [Django]-What is the SQL ''LIKE" equivalent on Django ORM queries?