如何在创建用户时生成一次性密码并将其发送给 Django 中的用户邮件 ID?
[英]How to generate one time password when creating user and send the same to users mail id in Django?
问题描述
I am trying to send a random one-time password to the user when I create a new user and make him change the password when the user login for the first time.
我试图在创建新用户时向用户发送一个随机的一次性密码,并让他在用户第一次登录时更改密码。
3 个解决方案
解决方案1
2 2019-10-15 08:15:22
I would suggest different approach to this.我建议对此采取不同的方法。
When you create a user, set the active flag to false.创建用户时,将活动标志设置为 false。 so the account is not active and then cannot log in.所以该帐户未激活,然后无法登录。
No need to generate a password, leave it blank.无需生成密码,留空即可。
Instead, create a url with special token and send the url.相反,使用特殊令牌创建 url 并发送 url。 If the user goes to this url, it will present a form to set the password for this user.如果用户访问此 url,它将显示一个表单来设置该用户的密码。
This link is only one time use, and it can even expire after certain number of days.此链接只能使用一次,甚至可以在一定天数后过期。
You can look at PasswordResetTokenGenerator in django.contrib.auth.tokens to see how to generate such tokens and change it accordingly.您可以查看django.contrib.auth.tokens中的PasswordResetTokenGenerator以了解如何生成此类令牌并进行相应更改。
You will also need to craft the url to include somehow which user to use ( probably obscure it somehow as it is not apparent ).您还需要制作 url 以包含要使用的用户(可能以某种方式模糊它,因为它不明显)。
解决方案2
1 2019-10-15 07:09:23
I think there is simple solution for that.我认为有一个简单的解决方案。 First of all let me describe user model with minimal requirements for the task:首先让我描述用户 model 对任务的最低要求:
from django.contrib.auth.models import AbstractUser
# ... other import
class CustomUser(AbstractBaseUser):
has_set_password = models.BooleanField(default=False)
# ... other fields
On the other hand, If you do not want to pollute model with unnecessary fields, check out the value of the last_login field, which comes from the AbstractUser model and it's value should be None, if user has not logged in yet.另一方面,如果您不想用不必要的字段污染 model,请查看last_login字段的值,该字段来自AbstractUser model,如果用户尚未登录,则其值应为 None。
After the part above, I'd define post save method for the CustomUser model or in the view where user is created - I'd just assign random one-time password.在上面的部分之后,我将为 CustomUser model 或在创建用户的视图中定义后保存方法 - 我只需分配随机的一次性密码。 After user signs in, I would check the has_set_password flag, if it is False redirect them to set new password (or do something else), if it is True just sign in.用户登录后,我会检查has_set_password标志,如果为False ,则重定向他们以设置新密码(或执行其他操作),如果为True ,请登录。
Hope, this helps.希望这可以帮助。
解决方案3
0 2019-10-15 08:35:21
This will help you.这将对您有所帮助。 I Have tried it for Custom User Creation.我已经尝试过自定义用户创建。 You can first generate a random password/pin like您可以先生成一个随机密码/密码,例如
from random import SystemRandom
def user_create(username):
new_random_obj = SystemRandom()
#generate: 6 digits pin
pin = new_random_obj.randrange(100000, 999999)
user = User.objects.create_user(username=username, password=pin)
Then your create_user Method In UserManager may look Like然后你在 UserManager 中的 create_user 方法可能看起来像
def create_user(self, username, password=None, location=None):
if not username:
raise ValueError('User must have an username')
user = self.model(
username=username
)
user.set_password(password)
user.save(using=self._db)
return user
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.