i am using django-allauth. I want that when users signup with social accounts, redirect to set the password page. I do not know what to do. Any suggestion.
if you want to reset/update the password you can use user.set_password(password)
I have an extended django user model, and I want the user to first enter their username then be redirected to another page that asks for their password. Somewhat similar to how amazon handles user login.
Do I just use 2 separate views and pass the username as an input to the password view?
Second question, can this cause a security problem?
def usernameView(request):
# get username and redirect to password
def passwordView(request, username):
# get password if correct login
How can I give the option to change Email-Id and change Password for users logged in through AllAuth [Gmail / Facebook].
I have written a REST API for updating a user's password. Since it is impossible to unhash the password stored by django, how am I suppose to test my API besides asserting the response status_code?
You can check a user's password with User.check_password(password_to_check). This will return True if the password is correct. (see documentation here)
Note that if you have created a user in your unit test and then change a password for the user, you need to update the user reference before you can see the new password, like this:
// create self.user
// change the password to "newpassword"
self.user = User.objects.get(username="username") # get user again so that you can see updated password
self.assertEquals(self.user.check_password("newpassword"), True)
What I would do is create the following assertions in the test_password_update test:
user login
password update
user login
If the user is able to login after the password update, then you are safe and the API works correctly.
After trying to login through the facebook account, I want to display user a form where he/she can input the username and password to store in the Django actual user model so that user can later sign in using that credentials in the system.
Thus, I am setting
SOCIALACCOUNT_AUTO_SIGNUP = False
in my settings.py file.
By default it shows a form with username and e-mail address. I want to add password field to the at form. How can I do it?