Somehow, I have a user in my data base from the django.contrib.auth.models
model which isn't being authenticated.
So we have, in the ./manage.py shell:
>>> django.contrib.auth.models.User.objects.filter(username='tester')[0].password
u'yolo'
>>> django.contrib.auth.models.User.objects.filter(username='tester')[0].username
u'tester'
but:
>>> should_be_tester = django.contrib.auth.authenticate(username='tester',password='yolo')
returns nothing. Is there something that needs to be done to the users before django will authenticate them? I think I created these using objects.create()
.
It looks as though your password is stored as clear text in the database. Try using the set_password
method so that the password is run through the proper hashing algorithm.
When you call the authenticate
method Django is running yolo
through a hashing algorithm which produces a password that looks something like so: jRQarGxWd7ZV$+npDSC0ffIXAOUo/R5KSaPFbauQdTV5eAOmkq1P/p/Y=
and then comparing the hashed value to what is stored in the database, in your case a plain text version of yolo
. Since you are storing the password in plain text the values don't match and None
is returned.
>>> from django.contrib.auth.models import User
>>> from django.contrib.auth import authenticate
>>> u = User.objects.get(username='tester')
>>> u.set_password('yolo')
>>> u.save()
>>> should_be_tester = authenticate(username='tester', password='yolo')
>>> print(should_be_tester)
tester
Additional note. When you are wanting to retrieve one and only one record from the database use the .get()
method instead of .filter()[0]
.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.