I wrote an script to import user information from my old site database to my new django database. I should be able to import theses fields: user, email and password.
All passwords users on my old database are hashed with "md5". So... I should get this "md5" hashed password and save as they are on my auth_user database. However, I dont know how to do it without hash it again....
How can I do that?
If I do...
u = User.objects.create_user(user_name,email)
u.set_password(old_pass)
u.save()
the password is hashed again... How can I save a "pure" password?
Just directly set the password attribute.
u.password = old_pass
The set_password function is intended as a helper to use because u.password = 'some_pass' will just store the password directly in human-readable form -- it doesn't apply here since you already have the hashed password.
Related
I have a superuser in django admin and the problem is that when this superuser changes his password, he will be redirected to the django admin login page and when the superuser enters correct username and password in the admin login page, it gives an error that is “Please enter the correct username and password for a staff account. Note that both fields may be case-sensitive.”, but I am sure that both of the username and password fields are filled correctly.
You may be setting the password incorrectly.
If you're storing a plain text password directly, while Django expects a hashed password, the authentication backend won't be able to match the password typed in the form to the one stored in the DB.
Make sure you are setting the password with the set_password method as in user.set_password("PASSWORD"). Check Changing passwords
I am trying to create users in the django django.contrib.auth.models.User model but when I use a username which already exists in the database it will give me an error like:
{username: ["A user with that username already exists."]}
as an http response
How can I disable this in django so I can have many users with the same username
Thanks all.
I have a login form. Also I have a huge database. One of the tables in DB is 'zusers', where stores information about users: username, password, 'telefon' and some other columns. I learned about user = auth.authenticate(username = 'John', password = 'pass'). And the question: wheredoes this function check if such user exists or no? And how to do it so that this function check for users in my DB table 'zusers'?
You will need to create a custom authentication backend in Django for your exisiting users. You can read more at the Django Docs: https://docs.djangoproject.com/en/dev/topics/auth/customizing/
You should not need to manual check auth.authenticate but just swap out the backend.
You can also substitute a completely customised model for your Django user to support telefon and the other columns you have https://docs.djangoproject.com/en/dev/howto/custom-model-fields/
I am not going to post any example code as you haven't provided any yourself and the Django links above very clearly show you how to achieve this.
I have a login form. I need to authenticate users. All information about usernames and their passwords are stored in PostgreSQL database. I find such method:
from django.contrib.auth import authenticate
user = authenticate(username='john', password='secret')
How does Django know whether such user exists or no? How to combine it with DB? Is it necessary to create models or just to read data from database?
I want to update some fields of auth_user table in django. Actually i am migrating some users from one website to another so i want to update the password field in auth_user table.But when i am using the update query it gives me some errors
some things which i have tried
values=User.objects.get(username=request.POST['username'])
values.password=request.POST['password']
values.password.save()
it gives the error of 'unicode' object has no attribute 'save
and if i tried this one
values=User.objects.get(username=request.POST['username']).update(password=request.POST['password'])
then the error is 'User' object has no attribute 'update'
actually i do not want to send emails to users to update their password and redirect them to forgot password page.
But whenever user try to login to site and if his password do not match but he typed the password correctly but due to migration his password do not work in django then the password he enters must be updated in auth_user table(encrypted password).
In between i have ensure that this user is the authenticate user of previous site.
So please suggest me some way so that i can update his password in auth_user table.
Passwords in django are stored as sha256 hashes, so setting
user.password = 'new password'
is not a good idea. Fortunately django has methods that would take care of hashing your password. Second thing:
values.password.save()
Here you are trying to execute save() method on password object which is a string, not a user object. values.save() would be better, but still not correct. What you want to do is this:
values.set_password('new password') # Takes care of hashing
values.save()
More on the topic in django documentation
(On behalf of OP)
I used this and the problem is solved
u = User.objects.get(username__exact='john')
u.set_password('new password')
u.save()