25π
β
It means there is a plain text 'sahar' stored as the password of the account of a user who tries to log in.
Update the password of the user in Admin or in manage.py shell
user = User.objects.get(username=username)
# use set_password method
user.set_password('sahar')
user.save()
# INSTEAD OF
user.password = 'sahar'
user.save()
Also check your other views to correct the user.password = '...' and User.objects.create(password='...') usages.
π€okm
1π
This is the best way to save log in details
you can create an object from the form
as
user = form.save(commit=False)
then clean the data to remove any scripts entered in the form fields.
username = form.cleaned_data['username']
password = form.cleaned_data['password']
user.set_password(password)
user.save()
π€Alpha Nganga
Source:stackexchange.com