使用 Django 自定义用户模型和序列化程序更改密码 API
Change Password API using Django Custom user model and serializer
我有一个 Django 应用程序,我已经扩展了用户模型并为 registration/login 创建了一个自定义用户模型。现在我想实现一个更改密码 API,它将用于 Android/iOS 应用程序开发。我会得到如下参数:
user_id, old_password, new_password
使用这些参数和自定义用户模型和序列化器有什么方法可以实现这一点。
我已经为此尝试了一个示例,但失败了。
自定义模型:
class User(AbstractBaseUser, PermissionsMixin):
    # Custom user model that logs in with the e-mail address (USERNAME_FIELD).
    # No password column is declared here: AbstractBaseUser supplies it and
    # stores the hash written by set_password(), never the plain text, so the
    # value must be verified with check_password() rather than compared.
    objects = UserManager()
    name = models.CharField(max_length=100, blank=True, null=True)
    # Unique e-mail; doubles as the login identifier.
    email = models.EmailField(unique=True)
    # NOTE(review): auto_now=True rewrites this date on every save(), so it
    # tracks the last modification rather than the creation date, and a value
    # passed in by the manager is overwritten. auto_now_add is the usual
    # choice for a creation date - confirm which is intended.
    created_at = models.DateField(blank=True, null=True, auto_now=True)
    phone_no = models.CharField(max_length=14, blank=True, null=True)
    # Mobile-client metadata; all optional.
    user_android_id = models.CharField(max_length=255, blank=True, null=True)
    # NOTE(review): presumably a Firebase Cloud Messaging device token; if so
    # it should not be echoed back in API responses - confirm.
    user_fcm_token = models.CharField(max_length=255, blank=True, null=True)
    user_social_flag = models.IntegerField(blank=True, null=True)
    user_fb_id = models.CharField(max_length=255, blank=True, null=True)
    user_android_app_version = models.CharField(max_length=25, blank=True, null=True)
    # Privilege flags. Django's admin site admits users that are both
    # is_active and is_staff; is_superuser bypasses permission checks.
    is_admin = models.BooleanField(default=False)
    is_staff = models.BooleanField(default=False)
    # NOTE(review): PermissionsMixin already declares is_superuser; this line
    # redefines it on the subclass.
    is_superuser = models.BooleanField(default=False)
    is_active = models.BooleanField(default=True)
    USERNAME_FIELD = 'email'
    def __str__(self):
        # Accounts are displayed by their e-mail address.
        return self.email
用户管理器(UserManager):
class UserManager(BaseUserManager):
    """Manager that builds regular, staff and superuser accounts keyed by e-mail."""

    use_in_migrations = True

    def create_user(self, email, name, phone_no, created_at, user_android_id, user_fcm_token,
                    user_social_flag, user_fb_id, user_android_app_version, password=None):
        """Create and save an ordinary account.

        With ``password=None`` Django's ``set_password`` marks the password as
        unusable, so the account cannot log in with a password until one is set.
        """
        # NOTE(review): if `cache` is Django's cache object, this drops every
        # cached key on each account creation - confirm that is intended.
        cache.clear()
        profile = {
            'email': self.normalize_email(email),
            'phone_no': phone_no,
            'created_at': created_at,
            'user_android_id': user_android_id,
            'user_fcm_token': user_fcm_token,
            'user_social_flag': user_social_flag,
            'user_fb_id': user_fb_id,
            'user_android_app_version': user_android_app_version,
            'name': name,
        }
        account = self.model(**profile)
        # NOTE(review): every ordinary account is created with is_staff=True.
        # Django's admin site admits any active staff user, so confirm that
        # self-registered users are really meant to carry this flag.
        account.is_admin, account.is_staff, account.is_superuser = False, True, False
        # set_password() stores a salted hash, never the raw string.
        account.set_password(password)
        account.save(using=self._db)
        return account

    def create_staffuser(self, email, name, created_at, phone_no, user_android_id, user_fcm_token,
                         user_social_flag, user_fb_id, user_android_app_version, password):
        """Create a staff account by delegating to ``create_user``."""
        cache.clear()
        # create_user() is called without a password here, so the first save
        # stores an unusable password; the real one is hashed just below.
        staff = self.create_user(
            email,
            name=name,
            phone_no=phone_no,
            created_at=created_at,
            user_android_id=user_android_id,
            user_fcm_token=user_fcm_token,
            user_social_flag=user_social_flag,
            user_fb_id=user_fb_id,
            user_android_app_version=user_android_app_version,
        )
        staff.set_password(password)
        staff.is_staff, staff.is_admin, staff.is_superuser = True, False, False
        staff.save(using=self._db)
        return staff

    def create_superuser(self, email, password):
        """Create a superuser that carries only an e-mail address and a password."""
        cache.clear()
        root = self.model(email=self.normalize_email(email))
        root.set_password(password)
        # NOTE(review): is_staff stays False here, and Django's admin site
        # requires is_staff, so this superuser cannot sign in to the admin
        # as written - confirm.
        root.is_admin, root.is_staff, root.is_superuser = True, False, True
        root.save(using=self._db)
        return root
自定义用户序列化程序:
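class CustomRegisterSerializer(RegisterSerializer):
    """Registration serializer carrying the extra mobile-client fields.

    Every field is optional at the serializer level, including the e-mail
    address and the password.
    """

    email = serializers.EmailField(required=False)
    # NOTE(review): the password is optional and may be blank or null,
    # presumably to support social sign-up (user_social_flag / user_fb_id).
    # Confirm that a password-less registration is only accepted on that path.
    password1 = serializers.CharField(required=False, allow_null=True, allow_blank=True)
    name = serializers.CharField(required=False, allow_null=True, allow_blank=True)
    phone_no = serializers.CharField(required=False, allow_null=True, allow_blank=True)
    user_android_id = serializers.CharField(required=False, allow_null=True, allow_blank=True)
    user_fcm_token = serializers.CharField(required=False, allow_null=True, allow_blank=True)
    user_social_flag = serializers.IntegerField(required=False, allow_null=True)
    user_fb_id = serializers.CharField(required=False, allow_null=True, allow_blank=True)
    user_android_app_version = serializers.CharField(required=False, allow_null=True, allow_blank=True)
    # created_at is not accepted from the client.

    class Meta:
        model = User
        # NOTE(review): 'password' is listed although the declared field is
        # 'password1'; presumably Meta is only honoured by ModelSerializer
        # subclasses - confirm against the RegisterSerializer base in use.
        fields = ('email', 'password', 'name', 'phone_no', 'user_android_id', 'user_fcm_token',
                  'user_social_flag', 'user_fb_id', 'user_android_app_version')

    def get_cleaned_data(self):
        """Return the validated registration values, defaulting each to ''."""
        # The parent's result is discarded; the call is kept as in the original.
        super(CustomRegisterSerializer, self).get_cleaned_data()
        keys = ('password1', 'email', 'phone_no', 'name', 'user_android_id',
                'user_fcm_token', 'user_social_flag', 'user_fb_id',
                'user_android_app_version')
        return {key: self.validated_data.get(key, '') for key in keys}

    def create(self, validated_data):
        """Create the account through ``User.objects.create_user``.

        ``create_user`` takes ``password`` (not ``password1``) and requires
        ``created_at`` and every profile argument, so forwarding
        ``validated_data`` verbatim raises ``TypeError``. The values are
        mapped explicitly instead.

        Raises:
            serializers.ValidationError: if no e-mail address was supplied.
        """
        data = dict(validated_data)
        email = data.get('email')
        if not email:
            # The e-mail is the login identifier; refuse to create an
            # account without one.
            raise serializers.ValidationError({'email': 'This field is required.'})
        # A blank password must not be stored: set_password('') produces a
        # usable empty password, whereas None marks the password unusable.
        raw_password = data.get('password1') or None
        return User.objects.create_user(
            email=email,
            name=data.get('name'),
            phone_no=data.get('phone_no'),
            # The model's auto_now fills this in on save.
            created_at=None,
            user_android_id=data.get('user_android_id'),
            user_fcm_token=data.get('user_fcm_token'),
            user_social_flag=data.get('user_social_flag'),
            user_fb_id=data.get('user_fb_id'),
            user_android_app_version=data.get('user_android_app_version'),
            password=raw_password,
        )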
更改密码 API :
class CustomChangePasswordView(APIView):
    """
    User Change Password API

    Reads user_id, user_old_password and user_new_password from the POST body.
    This is the version from the question: as written it answers
    "Invalid Old Password" whenever the stored password is a hash, and it
    never persists a new password.
    """
    # NOTE(review): no authentication_classes / permission_classes are set on
    # this view; whether the project defaults require a logged-in caller is
    # not visible here - confirm.
    def post(self, request):
        data = request.data
        # NOTE(review): the target account is selected by a client-supplied
        # id rather than request.user, so the caller names whose password is
        # changed. Behind authentication, request.user is the safer source.
        u_id = data.get('user_id')
        old_password = data.get('user_old_password')
        new_password = data.get('user_new_password')
        # get() raises User.DoesNotExist for an unknown id; it is not caught here.
        user = User.objects.get(id=u_id)
        # user.password holds the hash written by set_password(), so it does
        # not equal the plain-text old password; user.check_password() is the
        # comparison Django provides for this.
        if user.password != old_password:
            return Response({"msg":"Invalid Old Password"}, status=status.HTTP_200_OK)
        else:
            # set_password() only updates the in-memory instance; without a
            # following user.save() the new hash is never written.
            user.set_password(new_password)
            return Response({"msg":"Change successfull!"}, status=status.HTTP_201_CREATED)
我得到的错误响应:
{
"msg": "Invalid Old Password"
}
我错过了什么?
还有其他更好的方法吗?
在 CustomChangePasswordView
代码中更新如下:
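# Replacement for the if/else at the end of CustomChangePasswordView.post().
# check_password() hashes the candidate and compares it with the stored hash;
# the stored value must never be compared with the plain text directly.
# NOTE(review): `user` is still looked up from the client-supplied user_id;
# behind authentication, request.user is the safer source for the account.
if user.check_password(old_password):
    if not new_password:
        # A missing value would make set_password(None) mark the password
        # unusable, and '' would store a usable empty password.
        return Response({"msg":"New password is required"}, status=status.HTTP_400_BAD_REQUEST)
    user.set_password(new_password)
    # set_password() only changes the in-memory object; save() persists the hash.
    user.save()
    return Response({"msg":"Change successfull!"}, status=status.HTTP_201_CREATED)
else:
    # The failure is reported with HTTP 200, so clients must inspect "msg".
    return Response({"msg":"Invalid Old Password"}, status=status.HTTP_200_OK)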
您可以在 Django 文档中查看有关 check_password(检查密码)的说明。
我有一个 Django 应用程序,我已经扩展了用户模型并为 registration/login 创建了一个自定义用户模型。现在我想实现一个更改密码 API,它将用于 Android/iOS 应用程序开发。我会得到如下参数:
user_id, old_password, new_password
使用这些参数和自定义用户模型和序列化器有什么方法可以实现这一点。
我已经为此尝试了一个示例,但失败了。
自定义模型:
class User(AbstractBaseUser, PermissionsMixin):
    # Custom user model that logs in with the e-mail address (USERNAME_FIELD).
    # No password column is declared here: AbstractBaseUser supplies it and
    # stores the hash written by set_password(), never the plain text, so the
    # value must be verified with check_password() rather than compared.
    objects = UserManager()
    name = models.CharField(max_length=100, blank=True, null=True)
    # Unique e-mail; doubles as the login identifier.
    email = models.EmailField(unique=True)
    # NOTE(review): auto_now=True rewrites this date on every save(), so it
    # tracks the last modification rather than the creation date, and a value
    # passed in by the manager is overwritten. auto_now_add is the usual
    # choice for a creation date - confirm which is intended.
    created_at = models.DateField(blank=True, null=True, auto_now=True)
    phone_no = models.CharField(max_length=14, blank=True, null=True)
    # Mobile-client metadata; all optional.
    user_android_id = models.CharField(max_length=255, blank=True, null=True)
    # NOTE(review): presumably a Firebase Cloud Messaging device token; if so
    # it should not be echoed back in API responses - confirm.
    user_fcm_token = models.CharField(max_length=255, blank=True, null=True)
    user_social_flag = models.IntegerField(blank=True, null=True)
    user_fb_id = models.CharField(max_length=255, blank=True, null=True)
    user_android_app_version = models.CharField(max_length=25, blank=True, null=True)
    # Privilege flags. Django's admin site admits users that are both
    # is_active and is_staff; is_superuser bypasses permission checks.
    is_admin = models.BooleanField(default=False)
    is_staff = models.BooleanField(default=False)
    # NOTE(review): PermissionsMixin already declares is_superuser; this line
    # redefines it on the subclass.
    is_superuser = models.BooleanField(default=False)
    is_active = models.BooleanField(default=True)
    USERNAME_FIELD = 'email'
    def __str__(self):
        # Accounts are displayed by their e-mail address.
        return self.email
用户管理器(UserManager):
class UserManager(BaseUserManager):
    """Manager that builds regular, staff and superuser accounts keyed by e-mail."""

    use_in_migrations = True

    def create_user(self, email, name, phone_no, created_at, user_android_id, user_fcm_token,
                    user_social_flag, user_fb_id, user_android_app_version, password=None):
        """Create and save an ordinary account.

        With ``password=None`` Django's ``set_password`` marks the password as
        unusable, so the account cannot log in with a password until one is set.
        """
        # NOTE(review): if `cache` is Django's cache object, this drops every
        # cached key on each account creation - confirm that is intended.
        cache.clear()
        profile = {
            'email': self.normalize_email(email),
            'phone_no': phone_no,
            'created_at': created_at,
            'user_android_id': user_android_id,
            'user_fcm_token': user_fcm_token,
            'user_social_flag': user_social_flag,
            'user_fb_id': user_fb_id,
            'user_android_app_version': user_android_app_version,
            'name': name,
        }
        account = self.model(**profile)
        # NOTE(review): every ordinary account is created with is_staff=True.
        # Django's admin site admits any active staff user, so confirm that
        # self-registered users are really meant to carry this flag.
        account.is_admin, account.is_staff, account.is_superuser = False, True, False
        # set_password() stores a salted hash, never the raw string.
        account.set_password(password)
        account.save(using=self._db)
        return account

    def create_staffuser(self, email, name, created_at, phone_no, user_android_id, user_fcm_token,
                         user_social_flag, user_fb_id, user_android_app_version, password):
        """Create a staff account by delegating to ``create_user``."""
        cache.clear()
        # create_user() is called without a password here, so the first save
        # stores an unusable password; the real one is hashed just below.
        staff = self.create_user(
            email,
            name=name,
            phone_no=phone_no,
            created_at=created_at,
            user_android_id=user_android_id,
            user_fcm_token=user_fcm_token,
            user_social_flag=user_social_flag,
            user_fb_id=user_fb_id,
            user_android_app_version=user_android_app_version,
        )
        staff.set_password(password)
        staff.is_staff, staff.is_admin, staff.is_superuser = True, False, False
        staff.save(using=self._db)
        return staff

    def create_superuser(self, email, password):
        """Create a superuser that carries only an e-mail address and a password."""
        cache.clear()
        root = self.model(email=self.normalize_email(email))
        root.set_password(password)
        # NOTE(review): is_staff stays False here, and Django's admin site
        # requires is_staff, so this superuser cannot sign in to the admin
        # as written - confirm.
        root.is_admin, root.is_staff, root.is_superuser = True, False, True
        root.save(using=self._db)
        return root
自定义用户序列化程序:
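class CustomRegisterSerializer(RegisterSerializer):
    """Registration serializer carrying the extra mobile-client fields.

    Every field is optional at the serializer level, including the e-mail
    address and the password.
    """

    email = serializers.EmailField(required=False)
    # NOTE(review): the password is optional and may be blank or null,
    # presumably to support social sign-up (user_social_flag / user_fb_id).
    # Confirm that a password-less registration is only accepted on that path.
    password1 = serializers.CharField(required=False, allow_null=True, allow_blank=True)
    name = serializers.CharField(required=False, allow_null=True, allow_blank=True)
    phone_no = serializers.CharField(required=False, allow_null=True, allow_blank=True)
    user_android_id = serializers.CharField(required=False, allow_null=True, allow_blank=True)
    user_fcm_token = serializers.CharField(required=False, allow_null=True, allow_blank=True)
    user_social_flag = serializers.IntegerField(required=False, allow_null=True)
    user_fb_id = serializers.CharField(required=False, allow_null=True, allow_blank=True)
    user_android_app_version = serializers.CharField(required=False, allow_null=True, allow_blank=True)
    # created_at is not accepted from the client.

    class Meta:
        model = User
        # NOTE(review): 'password' is listed although the declared field is
        # 'password1'; presumably Meta is only honoured by ModelSerializer
        # subclasses - confirm against the RegisterSerializer base in use.
        fields = ('email', 'password', 'name', 'phone_no', 'user_android_id', 'user_fcm_token',
                  'user_social_flag', 'user_fb_id', 'user_android_app_version')

    def get_cleaned_data(self):
        """Return the validated registration values, defaulting each to ''."""
        # The parent's result is discarded; the call is kept as in the original.
        super(CustomRegisterSerializer, self).get_cleaned_data()
        keys = ('password1', 'email', 'phone_no', 'name', 'user_android_id',
                'user_fcm_token', 'user_social_flag', 'user_fb_id',
                'user_android_app_version')
        return {key: self.validated_data.get(key, '') for key in keys}

    def create(self, validated_data):
        """Create the account through ``User.objects.create_user``.

        ``create_user`` takes ``password`` (not ``password1``) and requires
        ``created_at`` and every profile argument, so forwarding
        ``validated_data`` verbatim raises ``TypeError``. The values are
        mapped explicitly instead.

        Raises:
            serializers.ValidationError: if no e-mail address was supplied.
        """
        data = dict(validated_data)
        email = data.get('email')
        if not email:
            # The e-mail is the login identifier; refuse to create an
            # account without one.
            raise serializers.ValidationError({'email': 'This field is required.'})
        # A blank password must not be stored: set_password('') produces a
        # usable empty password, whereas None marks the password unusable.
        raw_password = data.get('password1') or None
        return User.objects.create_user(
            email=email,
            name=data.get('name'),
            phone_no=data.get('phone_no'),
            # The model's auto_now fills this in on save.
            created_at=None,
            user_android_id=data.get('user_android_id'),
            user_fcm_token=data.get('user_fcm_token'),
            user_social_flag=data.get('user_social_flag'),
            user_fb_id=data.get('user_fb_id'),
            user_android_app_version=data.get('user_android_app_version'),
            password=raw_password,
        )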
更改密码 API :
class CustomChangePasswordView(APIView):
    """
    User Change Password API

    Reads user_id, user_old_password and user_new_password from the POST body.
    This is the version from the question: as written it answers
    "Invalid Old Password" whenever the stored password is a hash, and it
    never persists a new password.
    """
    # NOTE(review): no authentication_classes / permission_classes are set on
    # this view; whether the project defaults require a logged-in caller is
    # not visible here - confirm.
    def post(self, request):
        data = request.data
        # NOTE(review): the target account is selected by a client-supplied
        # id rather than request.user, so the caller names whose password is
        # changed. Behind authentication, request.user is the safer source.
        u_id = data.get('user_id')
        old_password = data.get('user_old_password')
        new_password = data.get('user_new_password')
        # get() raises User.DoesNotExist for an unknown id; it is not caught here.
        user = User.objects.get(id=u_id)
        # user.password holds the hash written by set_password(), so it does
        # not equal the plain-text old password; user.check_password() is the
        # comparison Django provides for this.
        if user.password != old_password:
            return Response({"msg":"Invalid Old Password"}, status=status.HTTP_200_OK)
        else:
            # set_password() only updates the in-memory instance; without a
            # following user.save() the new hash is never written.
            user.set_password(new_password)
            return Response({"msg":"Change successfull!"}, status=status.HTTP_201_CREATED)
我得到的错误响应:
{
"msg": "Invalid Old Password"
}
我错过了什么?
还有其他更好的方法吗?
在 CustomChangePasswordView
代码中更新如下:
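# Replacement for the if/else at the end of CustomChangePasswordView.post().
# check_password() hashes the candidate and compares it with the stored hash;
# the stored value must never be compared with the plain text directly.
# NOTE(review): `user` is still looked up from the client-supplied user_id;
# behind authentication, request.user is the safer source for the account.
if user.check_password(old_password):
    if not new_password:
        # A missing value would make set_password(None) mark the password
        # unusable, and '' would store a usable empty password.
        return Response({"msg":"New password is required"}, status=status.HTTP_400_BAD_REQUEST)
    user.set_password(new_password)
    # set_password() only changes the in-memory object; save() persists the hash.
    user.save()
    return Response({"msg":"Change successfull!"}, status=status.HTTP_201_CREATED)
else:
    # The failure is reported with HTTP 200, so clients must inspect "msg".
    return Response({"msg":"Invalid Old Password"}, status=status.HTTP_200_OK)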
您可以在 Django 文档中查看有关 check_password(检查密码)的说明。