stackoom
  简体   繁体   中英

Django authenticate() resets password

 原文  2016-11-09 13:29:37       python/ django/ postgresql

Question

I have a weird problem here. When I login, it works well as expected but when I try to logout and try to login again, it says that my password is invalid.

I checked my User table and it's really changing my password everytime I use authenticate() function.

I got this error a month ago (still django 1.8 at that time) but gone after many testing and tracing and praying and didn't have a single idea what happened. It only occurs in my local machine though.

authentication.py

after authenticate() function, my password is already changed (tried to put a breakpoint after the function so I know for sure that this is the culprit). 

from django.contrib.auth import authenticate, logout, login

def signin(request):
    if request.method == "POST":
        result = {}
        data = req_data(request)
        try:
            user = authenticate(username = data['email'], password = data['password'])
            if user:
                if user.is_active:
                    login(request, user)
                    #return success for redirection
                else:
                    raise ValueError("This user is inactive. Please contact your admin.")
            else:
                raise ValueError("Invalid username/password.")
        except Exception as e:
            return HttpResponse(e, status = 400)
    else:
        return redirect("login")

def signout(request):
    logout(request)
    return redirect("login")

#gets the params from ajax post
def req_data(request):
    return json.loads(request.body.decode("utf-8")) if request.body.decode("utf-8") else {}

I checked the DB and got this result.

Old Password

pbkdf2_sha256$20000$N4esMaOT5BYi$nIehHw63b+iZSz2Vmu1hEO10BqPfzAGu1cZA1ci/nXI=

New Password (After login)

pbkdf2_sha256$24000$KVZeuG4pgSkv$VIenbuq0Wk8sYZros4kE4Q7W0Jt+bOC23ha4/VSOXV8=

EDIT:

for the meantime, I am not using authenticate() and just use a generic password. 

username = data.get('email',"")
password = data.get('password',"")
if password == "genericpassword123":
    try:
        user = User.objects.get(email = username)
        user.backend = 'django.contrib.auth.backends.ModelBackend'
    except User.DoesNotExist:
        raise ValueError("Invalid username/password.")
else:
    user = authenticate(username = username, password = password)

if user:
    if user.is_active:
        login(request, user)
        #return success for redirection
    else:
        raise ValueError("This user is inactive. Please contact your admin.")
else:
    raise ValueError("Invalid username/password.")

Python 2.7

Django 1.9

Postgre 9.4

Thanks!

1 answers

solution1
 0  2016-11-10 10:12:41

It's working now. I never thought that it works in different account with different password.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Creating Users & Sending Password Resets in Django Django - How to authenticate a password with MD5 hash Django cannot authenticate or password hashing is wrong Django authenticate function returning None when passed existing username and password authenticate function in django using hashed password not the raw one Django pagination resets Error with system for email password resets Tweepy authenticate with username/password Django resets connection on some requests How can i authenticate any user for login with an extra field (other then username/ email and password) in django
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM