Menu
I have a model that is inherited of AbstractUser, something like this :
class Driver(AbstractUser):
dni = models.CharField(max_length=8,validators=[validate_dni],unique=True)
license = models.CharField(max_length=9,unique=True)
birthday = models.DateField()
sex = models.CharField(max_length=1, choices=SEX_CHOICES)
creation_date = models.DateField(auto_now = True)
According to this : https://docs.djangoproject.com/en/dev/topics/auth/customizing/
If you’re entirely happy with Django’s User model and you just want to add some additional profile information, you can simply subclass django.contrib.auth.models.AbstractUser and add your custom profile fields. This class provides the full implementation of the default User as an abstract model.
But, in my admin view, the field of password is a simple text input and the password is saved as raw text. I could try with AbstractBaseUser but first I need to clarify this issue. I'm starting with Django, so I'm a little newbie.
Thanks.
841
when inheriting from rest_framework.serializers.ModelSerializer, and also the Meta.fieldsis equal to __all__, the user passwordis not hashed, and instead, saved in plain text in database. Expected behavior I would expect some kind of default hashing like the following (that I had to add for now apparently):
serializer does not hash password when fields is __all__#6737 Closed 3 of 6 tasks meysam81opened this issue Jun 9, 2019· 6 comments Closed 3 of 6 tasks serializer does not hash password when fields is __all__#6737 meysam81opened this issue Jun 9, 2019· 6 comments Comments Copy link Task lists! Give feedback
The package currently offers a method KeyDerivation.Pbkdf2 which allows hashing a password using the PBKDF2 algorithm. This API is very similar to the .NET Framework's existing Rfc2898DeriveBytes type, but there are three important distinctions:
The get_user method takes a user_id – which could be a username, database ID or whatever, but has to be the primary key of your user object – and returns a user object or None. The authenticate method takes a request argument and credentials as keyword arguments. Most of the time, it’ll look like this:
You don't have to actually define your own function. You just need to use register it with the UserAdmin class from django.contrib.auth.admin and it works out of the box.
Explicitly, in your admin.py file make sure you have the following:
from django.contrib.auth.admin import UserAdmin
admin.site.register(CustomUserModel, UserAdmin)
If you have additional custom fields on your model, the above way of registering will make them not shown in the admin. In this case, you can make it work by making your custom Admin class inherit from the UserAdmin class, like the following:
from django.contrib import admin
from django.contrib.auth.admin import UserAdmin
@admin.register(CustomUserModel)
class CustomUserModelAdmin(UserAdmin):
...
You need to define a function to hash that password. I think you directly save it to database.
class MyForm(forms.ModelForm):
............
def save(self, commit=True):
# Save the provided password in hashed format
user = super(MyForm, self).save(commit=False)
user.set_password(self.cleaned_data["password"])
if commit:
user.save()
return user
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
