username saving as null in django custom model - django

when i am sending post request to register new user from postman, username saves as blank/dash .
why username saving as blank i dont get it.
but when i add from django admin it saves correctly.
here is postman image
postman post request image
and here is the result
django result after sending post request
Custom Account Manager
class CustomAccountManager(BaseUserManager):
def create_superuser(self, email, username, password, **other_fields):
other_fields.setdefault('is_staff', True)
other_fields.setdefault('is_active', True)
other_fields.setdefault('is_admin', True)
other_fields.setdefault('is_superuser', True)
if other_fields.get('is_staff') is not True:
raise ValueError(
'Superuser must be assigned to is_staff=True.')
if other_fields.get('is_superuser') is not True:
raise ValueError(
'Superuser must be assigned to is_superuser=True.')
return self.create_user(email, username, password, **other_fields)
def create_user(self, email, username, password, **other_fields):
if not email:
raise ValueError(_('You must provide an email address'))
if not username:
raise ValueError(_('You must provide an username'))
if " " in username:
raise ValueError(_('Username should not contain space'))
email = self.normalize_email(email)
user = self.model(email=email, username=username, **other_fields)
user.set_password(password)
user.save()
return user
Custom User Model
class NewUser(AbstractBaseUser, PermissionsMixin):
email = models.EmailField(_('email address'), unique=True, null=False, blank=False)
username = models.CharField(max_length=150, unique=True, null=True)
first_name = models.CharField(max_length=150, blank=True)
objects = CustomAccountManager()
# more
class Meta:
verbose_name = 'NewUser'
USERNAME_FIELD = 'email'
REQUIRED_FIELDS = ['username']
def __str__(self):
return str(self.username)
model serializer
class RegisterNewUserSerializer(serializers.ModelSerializer):
class Meta:
model = NewUser
fields = ('email', 'password', 'username')
extra_kwargs={'password':{'write_only':True}}
def validate(self, data):
if hasattr(self, 'initial_data'):
unknown_keys = set(self.initial_data.keys()) - set(self.fields.keys())
if unknown_keys:
raise ValidationError("Got unknown fields: {}".format(unknown_keys))
return data
def validate_username(self, value):
if " " in value:
raise serializers.ValidationError("Username should not contain space")
def save(self):
newuser = NewUser(email = self.validated_data['email'],
username = self.validated_data['username']
)
password = self.validated_data['password']
newuser.set_password(password)
newuser.save()
return newuser
post request
class RegistrationView(APIView):
permission_classes = [ AllowAny ]
def post(self, request):
reg_serializer = RegisterNewUserSerializer(data = request.data)
print(request.data)
print(reg_serializer)
if reg_serializer.is_valid():
print('lololololololololololo')
reg_serializer.save()
return Response(data=request.data,status=status.HTTP_201_CREATED)
return Response(reg_serializer.errors, status=status.HTTP_400_BAD_REQUEST)

You validator should return the data, so:
def validate_username(self, value):
if " " in value:
raise serializers.ValidationError("Username should not contain space")
# ↓ return the value
return value
In Python a function call always returns something (unless an exception is raised). If no explicit return statement is triggered, None is returned.

Related

Django Custom User Model is not using The model manager while creating normal users

I'm trying to create a user from the Django rest framework's ModelViewset. (However, I've also tried to do the same with regular Django's model form. In both cases, the CustomUser model is not using the create_user function from the Model manager.
My codes are as follows:
Model Manager
class CustomUserManager(BaseUserManager):
def create_user(self, email, phone, full_name, **other_fields):
email = self.normalize_email(email)
if not email:
raise ValueError("User must have an email")
if not full_name:
raise ValueError("User must have a full name")
if not phone:
raise ValueError("User must have a phone number")
user = self.model(
email=self.normalize_email(email),
phone=phone,
full_name=full_name,
is_active=True,
)
other_fields.setdefault('is_active', True)
user.set_password(phone)
user.save(using=self._db)
return user
def create_superuser(self, email, phone, full_name, password=None, **other_fields):
if not email:
raise ValueError("User must have an email")
if not password:
raise ValueError("User must have a password")
if not full_name:
raise ValueError("User must have a full name")
if not phone:
raise ValueError("User must have a phone number")
user = self.model(
email=self.normalize_email(email),
full_name = full_name,
phone = phone
)
user.set_password(password) # change password to hash
other_fields.setdefault('is_staff', True)
other_fields.setdefault('is_superuser', True)
other_fields.setdefault('is_active', True)
user.save(using=self._db)
return user
Model:
class CustomUserModel(AbstractBaseUser, PermissionsMixin, AbstractModel):
email = models.EmailField(unique=True)
username = models.CharField( max_length=150, unique=True, null=True, blank=True)
phone = PhoneNumberField(unique=True)
full_name = models.CharField(max_length=50, null=True, blank=True)
is_active = models.BooleanField(default=False)
is_staff = models.BooleanField(default=False)
objects = CustomUserManager()
USERNAME_FIELD = 'email'
REQUIRED_FIELDS = ['phone', 'full_name']
class Meta:
verbose_name = 'User'
verbose_name_plural = 'Users'
def __str__(self):
return f'{self.username} - {self.email}'
def save(self, *args, **kwargs):
if not self.username:
uid = str(uuid4()).split('-')[1].upper()
today = str(date.today()).replace('-', '').swapcase()
splitted_uname = self.full_name.split(' ')[0][:2].upper()
self.username = f'{splitted_uname}-{uid}{today}'
super(CustomUserModel, self).save(*args, **kwargs)
Django REST Framework's ViewSet
class UserBaseViewSet(viewsets.ModelViewSet):
allowed_methods = ('GET', 'POST', 'PATCH')
serializer_class = serializers.UserBaseListSerializer
queryset = CustomUserModel.objects.all()
permission_classes = [IsProfileOwnerOrReadOnly, ]
lookup_field = 'username'
def get_serializer_class(self):
if self.action == 'retrieve':
return serializers.UserBaseDetailSerializer
return super().get_serializer_class()
While creating superusers from the command line it works perfectly.
What am I missing in this process?
I debug the process but the model class doesn't users the create_user function of the manager in any way.
You will have to override create of UserBaseListSerializer to call the manager's create_user:
class UserBaseListSerializer(serializers.ModelSerializer):
...
def create(self, validated_data):
return CustomUserModel.objects.create_user(**validated_data)

How to save data to multiple models with one form?

a pretty noob here. I am trying to create a user profile at the time when the account is created using signals. I want all the fields of the user profile to be filled in sign up page.
This is the user profile that I am trying to populate:
class UserProfile(models.Model):
user = models.ForeignKey(get_user_model(), verbose_name='user', on_delete=models.CASCADE)
name = models.CharField(max_length=255, null=True)
contact_number = models.CharField(max_length=11, default="0331232132")
def __str__(self):
return self.name
This is my custom user model here:
class CustomUserManager(BaseUserManager):
def _create_user(self, email, password, **kwargs):
if not email:
raise ValueError("The given email must be set")
email = self.normalize_email(email)
user = self.model(email=email, **kwargs)
user.set_password(password)
user.save(using=self._db)
return user
def create_user(self, email, password=None, **kwargs):
kwargs.setdefault("is_staff", False)
kwargs.setdefault("is_superuser", False)
return self._create_user(email, password, **kwargs)
def create_superuser(self, email, password=None, **kwargs):
kwargs.setdefault("is_staff", True)
kwargs.setdefault("is_superuser", True)
if kwargs.get('is_staff') is not True:
raise ValueError('Superuser must have is_staff=True.')
if kwargs.get('is_superuser') is not True:
raise ValueError('Superuser must have is_superuser=True.')
return self._create_user(email, password, **kwargs)
class User(AbstractUser):
username = None
email = models.EmailField(_("email address"), unique=True)
USERNAME_FIELD = 'email'
REQUIRED_FIELDS = []
objects = CustomUserManager()
This is my user creation form that I am sending to template:
class CustomUserCreationForm(UserCreationForm):
password2 = forms.CharField(
label=_("Confirm Password"),
widget=forms.PasswordInput,
)
name = forms.CharField()
contact_number = forms.CharField(
max_length=11
)
class Meta:
model = get_user_model()
fields = ['email']
I am not sure if it is relevant but this is my custom email backend.
class EmailBackend(ModelBackend):
def authenticate(self, request, username=None, password=None, **kwargs):
try:
user = User.objects.get(email__iexact=username)
except User.DoesNotExist:
return None
except User.MultipleObjectsReturned:
return User.objects.filter(email=username).order_by('id').first()
else:
if user.check_password(password) and self.user_can_authenticate(user):
return user
def get_user(self, user_id):
try:
user = User.objects.get(pk=user_id)
except User.DoesNotExist:
return None
return user if self.user_can_authenticate(user) else None
Now what I want is when the user submits the user creation form, Email and Password field is used to create a user account while name and contact number along with the newly created user object are used to create a userprofile instance using signals. All the examples that I have seen till now only handle setting only the user object in profile.

How to remove username field and password2 field from RegisterSerializer in django rest framework?

When I call the api/seller/register api, the fields appear are username, password1 and password2. I want these removed and only want simple password, email and phone_num.
How to remove this?
I am trying to make a seller registration using RegisterSerializer. I tried with ModelSerailzers and provided fields as I want but this will lead to me the error saying save() only takes 1 argument.So, I just want these unnecessary fields removed using RegisterSerializer.
My model:
class CustomUserManager(BaseUserManager):
"""
Custom user model manager with email as the unique identifier
"""
def create_user(self, first_name, last_name, email, password, **extra_fields):
"""
Create user with the given email and password.
"""
if not email:
raise ValueError("The email must be set")
first_name = first_name.capitalize()
last_name = last_name.capitalize()
email = self.normalize_email(email)
user = self.model(
first_name=first_name, last_name=last_name, email=email, **extra_fields
)
user.set_password(password)
user.save()
return user
def create_superuser(self, first_name, last_name, email, password, **extra_fields):
"""
Create superuser with the given email and password.
"""
extra_fields.setdefault("is_staff", True)
extra_fields.setdefault("is_superuser", True)
extra_fields.setdefault("is_active", True)
if extra_fields.get("is_staff") is not True:
raise ValueError("Superuser must have is_staff=True.")
if extra_fields.get("is_superuser") is not True:
raise ValueError("Superuser must have is_superuser=True.")
return self.create_user(first_name, last_name, email, password, **extra_fields)
class CustomUser(AbstractUser):
username = models.CharField(max_length=255,blank=False)
first_name = models.CharField(max_length=255, verbose_name="First name")
last_name = models.CharField(max_length=255, verbose_name="Last name")
email = models.EmailField(unique=True)
is_seller = models.BooleanField(default=False)
is_customer = models.BooleanField(default=False)
USERNAME_FIELD = "email"
REQUIRED_FIELDS = ["first_name", "last_name"]
objects = CustomUserManager()
def __str__(self):
return self.email
My serializer:
class SellerRegisterSerializer(RegisterSerializer):
seller = serializers.PrimaryKeyRelatedField(read_only=True,)
# username = serializers.CharField(required=True)
phone_num = serializers.CharField(required=False)
# class Meta:
# model = User
# fields = ['seller','email', 'phone_num', 'first_name', 'last_name', 'password']
def get_cleaned_data(self):
data = super(SellerRegisterSerializer, self).get_cleaned_data()
extra_data = {
'phone_num': self.validated_data.get('phone_num', ''),
}
data.update(extra_data)
return data
def save(self, request, **kwargs):
user = super(SellerRegisterSerializer, self).save(request)
# user = super().save(is_seller=True)
user.is_seller = True
user.save()
seller = Seller(seller=user,
phone_num=self.cleaned_data.get('phone_num'))
seller.save()
return user
My view:
class SellerRegisterView(RegisterView):
serializer_class = SellerRegisterSerializer

Unable to login because Django saving passwords in plain text but

class UserManager(BaseUserManager):
def create_user(self, username, email, password=None):
if username is None:
raise TypeError('User should have a username')
if email is None:
raise TypeError('User should have an email')
user = self.model(
username=username,
email=self.normalize_email(email)
)
user.set_password(password)
user.save(using=self._db)
return user
def create_superuser(self, username, email, password=None):
if password is None:
raise TypeError('Password should not be none')
user = self.create_user(username, email, password)
user.is_superuser = True
user.is_staff = True
user.save()
return user
class User(AbstractBaseUser, PermissionsMixin):
username = models.CharField(
max_length = 255,
unique = True,
db_index = True
)
email = models.EmailField(
max_length = 255,
unique = True,
db_index = True
)
is_verified = models.BooleanField(default = False)
is_staff = models.BooleanField(default = True)
is_active = models.BooleanField(default = True)
USERNAME_FIELD = 'email'
REQUIRED_FIELDS = ['username']
objects = UserManager()
def __str__(self):
return self.email
def tokens(self):
refresh = RefreshToken.for_user(self)
return {
'refresh': str(refresh),
'access': str(refresh.access_token)
}
class RegisterSerializer(serializers.ModelSerializer):
password = serializers.CharField(
max_length = 255,
min_length = 6,
write_only = True
)
class Meta:
model = User
fields = ['email', 'username', 'password']
extra_kwargs = {'password': {'write_only': True, 'min_length': 5}}
def validate(self, attrs):
email = attrs.get('email', '')
username = attrs.get('username', '')
if not username.isalnum():
raise serializers.ValidationError(
"Username should contain only alphanumeric characters"
)
return attrs
def create(self, validated_data):
return User.objects.create_user(**validated_data)
class RegisterView(generics.GenericAPIView):
permission_classes = (AllowAny,)
serializer_class = RegisterSerializer
def post(self, request):
serializer = self.serializer_class(data=request.data)
serializer.is_valid(raise_exception=True)
serializer.save()
user_data = serializer.data
return Response(
serializer.data,
status=status.HTTP_201_CREATED
)
Currently I'm using django 3.1.3 and djangorestframework 3.12.2. While I'm able to login with superuser and getting tokens properly but couldn't login with staff users. From Django admin I have seen only superuser has hashed password and all other users have plain text password.
You do not set the password with user.password, that is just a text field on a model and works like any other. You must either:
preferred: Call user.set_password(value)
backup: Calculate the password manually using make_password before saving
You already have a create method so we'll work with that first.
from django.contrib.auth.hashers import make_password
def create(self, validated_data):
pwd = validated_data.pop("password")
user = User.objects.create(**attrs)
user.set_password(pwd)
user.save(updated_fields=["password"])
return user
# or you could replace it in validated_data
def create(self, validated_data):
validated_data["password"] = make_password(validated_data["password"])
return User.objects.create(**attrs)
You have a validation routine, but it is global. If you make it specific to the password field then you can calculate it there and leave create alone. People don't usually do that, because it is standard to have a "confirm password" field as well.
def validate_password(self, value):
# ...
return make_password(value)
Now if you want to add a confirm_password field then you are going to need to a validate(self, attrs) anyway to compare the two fields, so I would recommend against this last method.

django AttributeError: dict object has no attribute 'pk'

I'm making a simple django rest framework project.
This is just creating a new user, and logging in.
When I used django basic auth user model, everything worked well.
But after changing basic user model to custom user, this error comes out when creating a new user:
dict object has no attribute 'pk'
Custom user model is made referred to django docs.
Error says that:
File "/home/seokchan/server/mdocker/lib/python3.5/site-packages/django/contrib/auth/__init__.py",
line 100, in login
if _get_user_session_key(request) != user.pk or ( AttributeError: 'dict' object has no attribute 'pk'
This seems to say that user model has no pk, but I don't get it.
models.py
class MyUserManager(BaseUserManager):
def create_user(self, username, email, password=None):
if not email:
raise ValueError('Users must have an email address')
if not username:
raise ValueError('Users must have an user name')
user = self.model(
email=self.normalize_email(email),
username = username
)
user.set_password(password)
user.save(using=self._db)
return user
def create_superuser(self, username, email, password):
user = self.create_user(
username,
password=password,
email = email,
)
user.is_admin = True
user.save(using=self._db)
return user
class MyUser(AbstractBaseUser):
id = models.AutoField(primary_key=True)
username = models.CharField(
verbose_name='user name',
max_length=30,
unique=True,
)
email = models.EmailField(
verbose_name='email address',
max_length=255,
unique=True,
)
is_active = models.BooleanField(default=True)
is_admin = models.BooleanField(default=False)
sth_test = models.TextField(blank = True)
objects = MyUserManager()
USERNAME_FIELD = 'username'
REQUIRED_FIELDS = ['email']
def __str__(self):
return self.username
def has_perm(self, perm, obj=None):
"Does the user have a specific permission?"
# Simplest possible answer: Yes, always
return True
def has_module_perms(self, app_label):
"Does the user have permissions to view the app `app_label`?"
# Simplest possible answer: Yes, always
return True
#property
def is_staff(self):
"Is the user a member of staff?"
# Simplest possible answer: All admins are staff
return self.is_admin
serializers.py
class CreateUserSerializer(serializers.ModelSerializer):
class Meta:
model = get_user_model
fields = ('id', 'username', 'email', 'password', 'is_active')
email = serializers.EmailField(
required=True,
validators=[UniqueValidator(queryset=User.objects.all())]
)
username = serializers.CharField(
max_length=32,
validators=[UniqueValidator(queryset=User.objects.all())]
)
password = serializers.CharField(min_length=8, write_only=True)
def validate_email(self,value):
if User.objects.filter(email=value).exists():
raise serializers.ValidationError("err.")
return value
def create(self, validated_data):
user = User.objects.create_user(
validated_data['username'],
validated_data['email'],
validated_data['password'],
)
user.is_active = False
user.save()
message=render_to_string('accounts/account_activate_email.html',{
'user':user,
'domain':'localhost:8000/api/accounts/activate',
'uid':urlsafe_base64_encode(force_bytes(user.pk)).decode('utf-8'),
'token':account_activation_token.make_token(user)
})
mail_subject = 'Bplus'
to_email = user.email
AuthEmail = EmailMessage(mail_subject, message, to=[to_email])
AuthEmail.send()
return validated_data
views.py
class UserCreateAPI(generics.GenericAPIView):
serializer_class = CreateUserSerializer
def post(self, request, *args, **kwargs):
if len(request.data["username"]) < 4 or len(request.data["password"]) < 8:
body = {"message":"short field"}
return Response(body, status = 400)
serializer = self.get_serializer(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.save()
user_for_auth = User.objects.get(username=user['username'])
login(request, user)
return Response(
{
"user":UserSerializer(
user, context=self.get_serializer_context()
).data,
"token":AuthToken.objects.create(user_for_auth),
}
)
How can I fix this error?
Your serializer create method returns the validated data instead of the created object. Since that is a dict, that is what you end up passing to the login function.
You should have return user instead of return validated_data.