I am using django 1.11 and DRF to create an app. When I use manage.py createsuperuser command to create a superuser, it successfully created an account for me. But when I am trying to log in to the account. The login screen prompts me a login error.
When I use manage.py changepassword admin command to change the password, I can log in to the account.
This is really annoying, and I can't figure out what happened, for days Are there any reason that can cause the command creating a wrong password? :/
Anybody can help?
most probably you have override the create_superuser method you are passing the password in normal text, you should use the set_password method.
user.set_password("password")
user.save()
Related
I have inherited a django project which uses Wagtail for CMS. When I go to (project_url)/cms/ I am asked for a username and password, which I do not have.
Is there any way to create a default user account in the settings.py file, or reset the existing account so that I can gain access to the CMS section?
You can run the changepassword command (django-admin changepassword your_username, for example) to change a password for the existing your_username user.
Alternatively you can create a new superuser using the createsuperuser command by running django-admin createsuperuser.
I am using python-social-auth package, and it has rather strange behavior, that is, I can login using existing gmail account already signup in the database, but I can't register new user.
Actually, this is a dockerize Flask application (in app.py). If I am not using supervisord, all Python Social Auth behavior works fine. That's mean, I directly call python app.py, instead of configuring it to run by supervisord in supervisord.conf.
But if I use supervisord, new user will not get registered. Application will be directed to login page.
NOTE: on the other hand, I am trying to rewrite social implementation by using Flask-OAuth.
Finally, I found the bug. These are code fix for custom pipeline for confirmed oauth process:
def pipeline_oauth_confirmed(backend, user, response, *args, **kwargs):
user.active = True
user.confirmed_at = datetime.now()
db_session.commit()
As the app need to have user.active=True before it logged in the user, the user wont' be logged in. I omitted the db_session.commit() call. Once that added, it works!
I'm working on a multi tenant app using django-tenant-schema(and postgresql). Now as soon as the new schema is getting created, I'm using the call_command to create a superuser. I also thought of the option of using signal post_migrate.
My doubt is how can I auto create a superuser without typing the password in shell.
The use case is as soon as the user registers for his/her schema, a superuser is generated and the user logs in with the superuser username and password and can change the password thereafter.
I'm using the following to call the createsuperuser command:
call_command('createsuperuser', schema_name=self.schema_name, username='admin', email='admin#admin.com')
One way to solve the issue is to change Django's createsuperuser.py file and provide a password over there automatically, buts thats not an acceptable route, ie cahnging the source code for some use case. Could I please request for some better methods
you can "prepare" password for new superuser and pass md5 value to bash:
a=# select md5('some password'||'test');;
md5
----------------------------------
d5b3eb515b64edf295b2ee9062946d24
(1 row)
a=# create user test superuser password 'md5d5b3eb515b64edf295b2ee9062946d24';
CREATE ROLE
so you can use d5b3eb515b64edf295b2ee9062946d24 in bash, saving password somewhere else?..
I've created a new website using Django 1.8, created a superuser account and logged into the admin interface to initialize some database fields. I can log continue to log into both the admin site and the actual website, as can a couple hundred users.
I've created a second Django website under a separate project (separate database, settings file, etc.) that contains identical code. I ran syncdb and created a different superuser account but when I attempt to log into the admin site with my superuser account, it tells me my username or password is incorrect. I've compared everything with the original website and I can't find anything that's not consistent.
I've confirmed:
I can log directly into the MySQL database using the database name, database user and password that are contained in the settings file
I'm referencing the correct settings file from manage.py
My user record in auth_user has is_staff, is_superuser and is_active all set to 1
I've tried to compare all the configuration files between the two projects and everything matches up as expected. Does anyone have any suggestions about what could affect the authentication or how I might debug this?
Thanks.
After running out of places to look, I deleted and recreated the site database and then reran manage.py syncdb. After that, I was able to log into the admin site. My working theory is that when I entered the superuser password the first time, I pasted into a PUTTY terminal and what it stored for the password was not what I thought it was.
Which kind of doesn't make sense because I did try to add a second superuser using manage.py createsuperuser with a really simple password and I still couldn't log in.
Anyway, thanks for the help.
Perhaps the most interesting feature of Django 1.5 is the custom user that finally bids farewell to the outdated username.
There is an excellent nearly out-of-the-box example in the documentation to create a user where you would need only the email address instead of username.
There is however a small caveat. For some reason after a successful signup, I am not able to login the user automatically as it would have worked as described in Django 1.4 in here
In other words, this doesn't work for me:
user = authenticate(username=form.cleaned_data['email'], password=form.cleaned_data['password2'])
login(request, user)
The strange part is I am not even getting any error message in the debug console nor any warnings.
According to the out-of-the-box example though there is no custom backend defined. Only a CustomUser and CustomUsermanager. Hence I don't understand why I can't login the user manually.
btw I also have set the following in the settings:
AUTHENTICATION_BACKENDS = ('django.contrib.auth.backends.ModelBackend',)
Any Django 1.5 expert around here?
I just ran the example myself, and it did work.
Did you set the AUTH_USER_MODEL before running syncdb ?
If not, erase your DB and run the command again. Based on the linked example it should ask you your date of birth while creating the superuser if everything is configured correctly.
And by the way, the ModelBackend is the default AUTHENTICATION_BACKENDS, you don't have to set it.
I finally found the solution. After debugging in the internal django classes. The solution is embarrassingly simple.
user = authenticate(username=form.cleaned_data['email'], password=form.cleaned_data['password2'])
login(request, user)
My mistake was the wrong namespace for login(request, user)
Make sure you are using
from django.contrib.auth import login
And not by mistake:
from django.contrib.auth.views import login
everything else was correct in my settings.