Django:密码存储在django auth_user表中的方式
[英]Django:How password store in django auth_user table
问题描述
I am customizing the django user module and adding some extra fields 
我正在定制django用户模块并添加一些额外的字段
my model is looking like 我的模特看起来像
class Drinker(models.Model):
user = models.OneToOneField(User)
birthday = models.DateField()
name = models.CharField(max_length = 100)
def __unicode__(self):
return self.name
And here is my register view 这是我的注册视图
def DrinkerRegistration(request):
if request.user.is_authenticated():
return HttpResponseRedirect('/profile/')
if request.method == "POST":
form = RegistrationForm(request.POST)
if form.is_valid():
user = User.objects.create(username = form.cleaned_data['username'],email = form.cleaned_data['email'],password = form.cleaned_data['password'])
user.save()
drinker = Drinker(name = form.cleaned_data['name'],birthday = form.cleaned_data['birthday'],user=user)
drinker.save()
return HttpResponseRedirect('/profile/')
else:
form = RegistrationForm()
context = {'form':form}
return render_to_response('register.html',context,context_instance = RequestContext(request))
Now my question is when the user is registering in my auth_user table the password is storing in plan text ie causing 现在我的问题是当用户在我的auth_user表中注册时,密码存储在计划文本中,即导致
Unknown password hashing algorithm '123'. Did you specify it in the PASSWORD_HASHERS setting?
error at the time of login 登录时出错
but for superusers passwords are in SHA1 format (i am not sure ) in auth_user table and they are able to login 但对于超级用户,密码在auth_user表中是SHA1格式(我不确定),他们可以登录
please suggest me how to hash the password field here? 请建议我如何在这里哈希密码字段?
3 个解决方案
解决方案1
4 已采纳 2012-08-23 07:28:26
不要使用User.objects.create() ,使用User.objects.create_user() - 它将使用正确的算法散列提供的密码。
解决方案2
0 2012-08-23 07:29:17
You should let User.set_password hash the password and store it in the appropriate format, or use the appropriate manager function as mentioned in the other answer. 您应该让User.set_password散列密码并以适当的格式存储它,或者使用其他答案中提到的相应管理器函数。
Basically you never asked Django to hash the password and tried to put the plain text in your database. 基本上你从来没有要求Django散列密码并试图将纯文本放在你的数据库中。 In doing so, the format (hasher salt hashed_pass) that Django expected was not met hence the error. 这样做,Django预期的格式(哈希盐hashed_pass)没有得到满足,因此错误。
Better yet, those parts of your app are best done using reusable apps such as Django Registration. 更好的是,您的应用程序的这些部分最好使用可重用的应用程序,如Django注册。
You can then use signals to create the Drinker profile after an user registers (is created). 然后,您可以在用户注册(创建)后使用信号创建Drinker配置文件。
解决方案3
0 2012-08-23 07:29:23
您需要使用create_user()帮助程序函数,该函数将正确设置密码。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.