1👍
✅
You can use make_password() to hash the password and is_password_usable() to avoid re-hashing already hashed passwords by checking whether the password is hashed or not.
Write a script or a management command to loop over the existing User objects and update their passwords, like following:
from django.contrib.auth.hashers import make_password, is_password_usable
from myapp.models import User
def hash_existing_passwords():
for user in User.objects.all():
if not is_password_usable(user.password):
continue
user.password = make_password(user.password)
user.save()
hash_existing_passwords()
You can run this script using the following command:
python manage.py shell < path/to/script.py
Source:stackexchange.com