Using:
class User(AbstractBaseUser):
pass #models here
I added extra fields to my custom user model. This table is created successfully in postgres with absolutely no issues, however, whilst creating a superuser the credentials gets pushed to auth_user(default django user table) instead of account_user.
auth_user shouldn't even be created alongside accounts_user?! Even worse:
REQUIRED_FIELDS = ['username', 'first_name', 'last_name']
which I set isn't required at all when creating superuser. It still uses default django configurations/fields.
These are in order if you're wondering: AUTH_USER_MODELS = 'accounts.User' and installed 'accounts' in INSTALLED_APPS=[ ]. What is happening?
Superuser credentials should be created in accounts_user table not auth_table in postgreSQL. REQUIRED_FIELDS = ['username', 'first_name', 'last_name'] should be requested whilst creating superuser.
Related
I have followed below tutorial to introduce user authentication in my django app.
https://django-graphql-auth.readthedocs.io/en/latest/quickstart/
It has created the user mutations as below,
Graphql user mutation
The mutation to update user shows only two fields, first name and last name. However my user model has other fields as well like is_staff, is_superuser, gender.
I would like to get control on updating those fields as well.
Please advise how can I get that done?
I fixed it by adding below code to the app settings,
GRAPHQL_AUTH['UPDATE_MUTATION_FIELDS'] = [
'first_name',
'last_name',
'is_staff',
'is_active',
'gender',
]
I am trying to build an endpoint for the default User model, which we have in django, which being imported from from django.contrib.auth.models import User,
This is my serializer:-
class SuperUserDetailSerializer(serializers.ModelSerializer):
class Meta:
model = User
fields = (
'id',
'username',
'groups',
'user_permissions',
'organization_users',
)
and the views goes as this:-
class UserDetailView(RetrieveUpdateDestroyAPIView):
queryset = User.objects.all()
serializer_class = SuperUserDetailSerializer
with the above codes, the number of queries which being hit are 216-219, which is due to the field user_permissions, I checked the User model, but it doesn't contains any field as user_permissions, but in the response, I get this field, and also in the html form field the permissions are populated(DRF Browsable page). I am trying to implement prefetch_related or select_related for the user_permissions field, but I am not able to reduce the the number of query, (It is hitting the database each time for getting all the permissions).
This is what I am trying to do but not able to achieve it:-
queryset = User.objects.prefetch_related(Prefetch('user_permissions', queryset = Permission.obects.select_related('content_type')))...I am not sure where I am doing the mistake.
I created a user with a password password123 but in the database the password field look like this pbkdf2_sha256$260000$rJZWVrYXlokRG8fGMS1fek$S7Dm9soflUsy0Q74CJP8sB60tgfRWuRPdqj5XL0DBV0=
the problem: is when I create new user via rest framework i got the poassword feidl look like passsword123
so how should i created new user in order to keep the django password encoding functionality
also how to deactivate this password encoding functionality
Django uses encryption middlewares to encrypt passwords (since the database sees passwords as VarChar fields, so Django's model sees them as plain text unless it is told otherwise). If you want the Django User model to use encryption, you must call
user_obj.set_password(passwd_text)
With this line of code, you tell Django to run encryption algorithms. For example, in your case, you can first use the serializer's extra_kwargs to exclude passwords from database-readable data, then create the user.
class CreateUserSerializer(serializers.ModelSerializer):
class Meta:
model = User
fields = ['email', 'username', 'password']
extra_kwargs = {'password': {'write_only': True}}
def create(self, validated_data):
password = validated_data.pop("password")
user = User(**validated_data)
user.set_password(password)
user.save()
return user
if you want to read more on Django users and passwords read these docs
user model doc and
encryption types and password management doc
you need to override create method in User Create Serializer:
class UserCreateSerializer(serializers.ModelSerializer):
def create(self, validated_data):
user = User.objects.create_user(**validated_data)
return user
class Meta:
model = User
fields = "__all__" # or your specific fields
extra_kwargs = {
"password": {"write_only": True},
}
Now your user password will be saved as hashed password in database.
re. question 2.
Django does not store the password, only hashed value of the password, which it uses for comparison when the user logs in.
It is not possible to reverse engineer the password from this hash (well, mathematically it is possible, but you don't have the resources to run that process). Nor should it be.
If you wanted a password field that wasn't hashed, you would use just a string field. But... DON'T DO THIS! It is massively insecure.
There is no need for you to know the user's password.
As for question 1, I'm not sure why you're not seeing it hashed - you will need to post some code.
i am new to django and i am using the 1.11 version
i have several models some related with foreign keys and some with oneToOne relation.
for instance the user and profile models, i would like to add in the profile form fields from the user form
how?
For the oneToOne, I have the an admin model with a oneToOne field related to the user model. but not just admin, i have several types of user (admin, writer, commetator, ...) each in a different model and when creating one type i also create its related user, so when i access the writer form in admin i create an admin but i also want to have user's model field so that i create both from the writer's form
in AdminAdmin ie: the admin model i would like to add the user's fields in the form showing in the admin template
from django.contrib import admin
from .models import User, Admin
class UserInline(admin.StackedInline):
model = User
fields = ['username', 'first_name', 'last_name']
class AdminAdmin(admin.ModelAdmin):
model = Admin
list_display = ['getUsername']
inlines = [UserInline]
def getUsername(self, obj):
return obj.user.username
getUsername.short_description = "Nom d'utilisateur"
admin.site.register(Admin, AdminAdmin)
this code generates the error ": (admin.E202) 'common.User' has no ForeignKey to 'common.Admin'."
With this setup:
Class A(models.Model):
# ...
nameField = models.CharField(max_length=100, ...)
# ...
pass
Class B(models.Model)
# ...
fk = models.ForeignKey(A)
# ...
Class C(models.Model):
# ...
oto = models.OneToOneKeyField(A)
You cann access a realted model's field with the ForeignKey + __ + FieldName. E.g. you can access the model A's name field from related models with:
B
'fk__name'
C
'oto__name'
This is my github repo Inout. I am learning django and i worked Very very simple django registration & login system.
My question is:
How to list all the usernames in admin using list_display. But nothing display in admin panel. May i know why ?
Inside my working code:
# models.py
username = models.OneToOneField(User)
first_name = models.CharField(max_length=100)
# admin.py
class SignupAdmin(admin.ModelAdmin):
list_display = ['username']
admin.site.register(Signup, SignupAdmin)
Information for you Reference :
if i am using list_filter in admin i can see all the username in the filter panel
Then if i am accessing this page http://127.0.0.1:8000/admin/system/signup/
Select signup to change
0 signups
And also if i am accessing this page http://127.0.0.1:8000/admin/frontend/profile/add/ i can see the drop down of username shows all the username i registered before.
What i missing ? or can somebody clone my repo and see yourself.
Are you sure it's not working correctly? list_display is supposed to take a tuple/list of fields and then display those fields as columns of the main table like in the picture shown below taken from the django admin documentation, where each entry in the main table has a username, email address, first name, last name, staff status. This would be created by
list_display = ['username', 'email', 'first_name', 'last_name', 'is_staff']
in a ModelAdmin for the built in User model (taken from django.contrib.auth.models). The side-column on the right side (with the label "Filter") is populated only when you define fields under list_filter.
Note if you only defined one field, and your model has a __unicode__ function that returns the username, you will not see a significant difference with just adding list_display = ('username',). I suggest you try list_display = ('username', 'first_name',). In this case, for every SignUp you will see two columns in the main table -- one with the username and one with the first_name.
EDIT
You have two errors.
First, you don't seem to have created any SignUp objects anywhere. Before the admin change list will display any entries, you must create some entries.
Second, your __unicode__ method of your SignUp model refers to non-existent fields (self.user is never defined -- in your SignUp class you used username = models.OneToOneField(User)
, hence you refer to it as username) and furthermore it doesn't return a unicode string as required.
Try:
def __unicode__(self):
if self.username:
return unicode(self.username)
then create some SignUp and then it will work. Again, the list_display part was working perfectly.