如何在將密碼保存到用戶 Model Django 之前對其進行加密?
[英]How to Encrypt Password before saving it to User Model Django?
問題描述
我創建了一個用戶注冊頁面,該頁面將用戶添加到 Django 中的用戶 Model
但是在保存數據時,密碼沒有加密,即只存儲為文本。 這會在用戶嘗試登錄時產生問題(因為 Django 嘗試解密原始密碼,但它們都不匹配)。
此外,我正在擴展用戶 Model 以便添加有關保存在配置文件 Model 中的用戶的更多信息(使用一對一鏈接)
視圖.py
def user_signup(request):
if request.method == "POST":
user_form = userSignup(request.POST)
phone = request.POST['phone']
address = request.POST['address']
pincode = request.POST['pincode']
if user_form.is_valid() :
user = user_form.save()
auth.login(request,user)
userdata = User.objects.all()
for userinfo in userdata:
if userinfo.username == user.username:
user_id=user.id
update_data = Profile.objects.get(pk = user_id)
update_data.address=address
update_data.phone=phone
update_data.pincode=pincode
update_data.save()
return redirect('/')
else:
return HttpResponse(" SIGNUP FAILED")
else:
form = userSignup()
profile_form = userSignup_profile()
return render(request,"user_signup.html",{'form':form, 'profile_form':profile_form})
def user_logout(request):
auth.logout(request)
return redirect('/')
user_signup.html
<body>
<form action="user_signup" method="POST">
{% csrf_token %}
{{form.as_p}}
{{ profile_form.as_p}}
<button class="primary" type="submit" >SIGNUP </button>
</form>
</body>
模型.py
class Profile(models.Model):
user = models.OneToOneField(User, on_delete=models.CASCADE)
phone = models.CharField(max_length=10)
address = models.TextField(max_length=200)
pincode = models.IntegerField()
forms.py
class userSignup(forms.ModelForm):
password = forms.CharField(max_length=50, widget = forms.PasswordInput())
class Meta:
model = User
fields = ('first_name', 'last_name','username', 'password', 'email')
如何以加密形式保存新用戶密碼,而不是實際密碼?
3 個解決方案
解決方案1
2 已采納 2020-05-01 16:12:18
# You have to import make_password
from django.contrib.auth.hashers import make_password
# you have to pass string as parameter
password = "123"
make_password(password)
# You can write your code like this:-
def user_signup(request):
if request.method == "POST":
user_form = userSignup(request.POST)
phone = request.POST['phone']
address = request.POST['address']
pincode = request.POST['pincode']
if user_form.is_valid() :
user = user_form.save(commit=False)
user.password = make_password("123")
user.save()
.......
.......
解決方案2
1 2020-05-01 16:29:06
Django make_password ( source code ) function 將純文本密碼轉換為適合存儲在持久數據庫中的 hash。
當這個 function 已經存在時,您絕對不想嘗試使用自己的加密和散列函數來存儲密碼。
只需將您的views.py編輯為:
from django.contrib.auth.hashers import make_password
def user_signup(request):
if request.method == "POST":
user_form = userSignup(request.POST)
phone = request.POST['phone']
address = request.POST['address']
pincode = request.POST['pincode']
if user_form.is_valid() :
# Hash password using make_password() function
user = user_form.save(commit=False)
user.password = make_password(user.password)
user.save()
...
解決方案3
0 2021-12-12 19:10:11
進口地穴
對密碼進行加密。 這將創建一個帶有隨機鹽的密碼 hash。
password_hash = crypt.crypt(密碼)
檢查密碼。
valid_password = crypt.crypt(cleartext, password_hash) == password_hash [官方鏈接][ www 1]
如何在沒有用戶模型的情況下快速加密 Django 中的密碼字符串?
[英]How to quickly encrypt a password string in Django without an User Model?
Django 自定義用戶 Model 無法從管理站點加密密碼
[英]Django Custom User Model Failes to encrypt password from admin site
保存實例之前如何獲取Django模型實例的pk
[英]How to get pk of an instance of a django model before saving the instance
如何在將 ImageField 圖像保存到 python Django 模型之前調整其大小
[英]How to resize an ImageField image before saving it in python Django model
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.