stackoom
  简体   繁体   中英

Django - How to authenticate a password with MD5 hash

 原文  2016-05-27 23:28:29       python/ django/ hash/ django-forms/ django-views

Question

So I'm trying to use the authentication method in my views, but always return "Does not exist", I'm using MD5 hash for my password field, so I don't know if thats the problem

forms.py 

class LoginForm(forms.Form):
    email = forms.EmailField()
    password = forms.CharField(widget=forms.PasswordInput)

    #This Method Hash the password
    def clean_password(self):
        clearPassNoHash = self.cleaned_data['password']
        self.password = md5.new(clearPassNoHash).hexdigest()
        return self.password

views.py 

def auth_login(request):
    args = {}
    form = LoginForm(request.POST)
    email = request.POST['email']
    password = request.POST['password']
    user = authenticate(email=email, password=password)
    if user is not None:
        login(request, user)
        print("Exist")
    else:
        print("Does not exist")

I've tried with check_password() method(in my forms) that actually works but I don't know why I'm having trouble with the authenticate()

----------------------------- UPDATE --------------------------------

Views.py 

def auth_login(request):
    args = {}
    form = LoginForm(request.POST)
    if form.is_valid():
        username = form.cleaned_data['username']
        password = form.cleaned_data['password']

        user = authenticate(username=username, password=password)
        if user is not None:
            print("existe")
            print user
        else:
            print user

    args['form'] = form
    return render(request, 'login/login.html', args)

forms.py 

class LoginForm(forms.Form):
    username = forms.CharField()
    password = forms.CharField(widget=forms.PasswordInput)

Other observation: I have this in my settings.py to use my custom model 

AUTH_PROFILE_MODULE = 'StudentUsers.StudentRegistration'

and this is the username field I add to my model: 

class StudentRegistration(AbstractBaseUser, models.Model):
    username = models.CharField(max_length = 25, null=False, default="", unique=True)

2 answers

solution1
 0  2016-05-27 23:35:03

You need to get the email and password from the form's cleaned_data, not from the request directly. Read more on the cleaned_data attribute from the docs : https://docs.djangoproject.com/en/1.9/ref/forms/api/#django.forms.Form.cleaned_data 

password = form.cleaned_data['password']

solution2
 0  2016-05-28 10:58:40

You should not be hashing the password value yourself. That is what authenticate already does; so in effect you are hashing twice.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question python django unsalted md5 password hash format Can a simple MD5 hash converted to a django password? How to use Hashlib to MD5 hash a number? How to mock MD5 hash collision MD5 hash With ftplib MD5 hash in Python django: convert unsalted md5 (without salt) hash to pbkdf2 Python regex for MD5 hash Python compare md5 hash MD5 hash Go to Python
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM