authenticate(request, username=username, password =pswd) returns None 自定义用户模型
authenticate(request, username=username, password =pswd) returns None for custom user model
authenticate() 函数正在为 mySQL 数据库中的注册用户返回 none。
我正在使用自定义用户验证,其中注册过程完美无缺。
我正在使用 Django 3.0
的价值
Account.objects.get(username = "uname").password == request.POST['password']
是 True
这是我的 models.py
class AccountManager(BaseUserManager):
#pass USERNAME_FIELD, REQUIRED_FIELDS
def create_user(self, email, username, password=None):
if not email:
raise ValueError( "Email Id not entered")
if not username:
raise ValueError("User Name not entered")
user = self.create_user(
email = self.normalize_email(email),
username = username,
)
user.set_password(password)
user.save(using=self._db)
return user
def create_superuser(self, email, username, password):
user = self.create_user(
email = self.normalize_email(email),
password = password,
username = username,
)
user.is_admin = True
user.is_staff = True
user.is_superuser = True
user.save(using = self._db)
return user
# Create your models here.
class Account(AbstractBaseUser):
username = models.CharField(max_length = 50, unique= True)
email = models.EmailField(verbose_name = "email", max_length = 50, unique=True)
#few other fields...
USERNAME_FIELD = "username"
REQUIRED_FIELDS = ['email']
objects = AccountManager()
# any object from Account.object will return __str__
def __str__(self):
return self.username
#give permitions to custom user object
def has_perm(self, perm, obj=None):
return self.is_admin
def has_module_perms(self, app_label):
return True
views.py
def register(request):
context = {}
if request.POST:
form = RegistrationForm(request.POST)
if form.is_valid():
form.save()
name = form.cleaned_data.get("username")
raw_password= form.cleaned_data.get('password1')
account = authenticate(username = name, password = raw_password)
login(request, account)
print(str(account))
return redirect('../dashboard/')
else:
context['registration_form'] = form
else:
form = RegistrationForm()
context['registration_form'] = form
return render(request, 'register.html')
def login(request):
context = {}
if request.method == "POST":
form = AuthenticationForm(request.POST)
if form.is_valid:#returns True
name = request.POST["username"]
pswd = request.POST["password"]
user = authenticate(request, username = name, password = pswd)
print("user = " + str(user)) #always returns None
if user:
print("valid user " + str(user))
login(request, user)
print("user is " + str(request.user.is_authenticated))
return redirect("../dashboard/")
form = AuthenticationForm()
context['login_form'] = form
return render(request, 'login.html', context)
settings.py
AUTH_USER_MODEL = "authenticate.Account"
AUTHENTICATION_BACKENDS = (
#'authenticate.Accounts.'
'django.contrib.auth.backends.ModelBackend',
)
你能看看错误是什么吗?
请原谅我的礼节,因为这是我在 Whosebug 中的第一个问题
也请考虑我几周前才开始使用 django
The value of Account.objects.get(username='uname').password == request.POST['password']
is True
.
这不是个好主意。通常密码是散列。事实上,这就是 AbstractBaseUser
基础 class 实现 set_password(..)
method [Django-doc] 的原因。这将散列密码,并将散列密码存储在数据库中。
authenticate(..)
方法也将首先对给定的密码进行哈希处理,然后检查该哈希处理后的密码是否与数据库中存储的密码相对应。
有关详细信息,请参阅 Password management in Django section。
authenticate() 函数正在为 mySQL 数据库中的注册用户返回 none。
我正在使用自定义用户验证,其中注册过程完美无缺。
我正在使用 Django 3.0
的价值
Account.objects.get(username = "uname").password == request.POST['password']
是 True
这是我的 models.py
class AccountManager(BaseUserManager):
#pass USERNAME_FIELD, REQUIRED_FIELDS
def create_user(self, email, username, password=None):
if not email:
raise ValueError( "Email Id not entered")
if not username:
raise ValueError("User Name not entered")
user = self.create_user(
email = self.normalize_email(email),
username = username,
)
user.set_password(password)
user.save(using=self._db)
return user
def create_superuser(self, email, username, password):
user = self.create_user(
email = self.normalize_email(email),
password = password,
username = username,
)
user.is_admin = True
user.is_staff = True
user.is_superuser = True
user.save(using = self._db)
return user
# Create your models here.
class Account(AbstractBaseUser):
username = models.CharField(max_length = 50, unique= True)
email = models.EmailField(verbose_name = "email", max_length = 50, unique=True)
#few other fields...
USERNAME_FIELD = "username"
REQUIRED_FIELDS = ['email']
objects = AccountManager()
# any object from Account.object will return __str__
def __str__(self):
return self.username
#give permitions to custom user object
def has_perm(self, perm, obj=None):
return self.is_admin
def has_module_perms(self, app_label):
return True
views.py
def register(request):
context = {}
if request.POST:
form = RegistrationForm(request.POST)
if form.is_valid():
form.save()
name = form.cleaned_data.get("username")
raw_password= form.cleaned_data.get('password1')
account = authenticate(username = name, password = raw_password)
login(request, account)
print(str(account))
return redirect('../dashboard/')
else:
context['registration_form'] = form
else:
form = RegistrationForm()
context['registration_form'] = form
return render(request, 'register.html')
def login(request):
context = {}
if request.method == "POST":
form = AuthenticationForm(request.POST)
if form.is_valid:#returns True
name = request.POST["username"]
pswd = request.POST["password"]
user = authenticate(request, username = name, password = pswd)
print("user = " + str(user)) #always returns None
if user:
print("valid user " + str(user))
login(request, user)
print("user is " + str(request.user.is_authenticated))
return redirect("../dashboard/")
form = AuthenticationForm()
context['login_form'] = form
return render(request, 'login.html', context)
settings.py
AUTH_USER_MODEL = "authenticate.Account"
AUTHENTICATION_BACKENDS = (
#'authenticate.Accounts.'
'django.contrib.auth.backends.ModelBackend',
)
你能看看错误是什么吗?
请原谅我的礼节,因为这是我在 Whosebug 中的第一个问题 也请考虑我几周前才开始使用 django
The value of
Account.objects.get(username='uname').password == request.POST['password']
isTrue
.
这不是个好主意。通常密码是散列。事实上,这就是 AbstractBaseUser
基础 class 实现 set_password(..)
method [Django-doc] 的原因。这将散列密码,并将散列密码存储在数据库中。
authenticate(..)
方法也将首先对给定的密码进行哈希处理,然后检查该哈希处理后的密码是否与数据库中存储的密码相对应。
有关详细信息,请参阅 Password management in Django section。