【问题标题】:Unable to authenticate custom user in Django 3无法在 Django 3 中对自定义用户进行身份验证
【发布时间】:2020-12-27 08:45:59
【问题描述】:

我无法在 django==3.1.3 中验证自定义用户 这是自定义用户管理器:

from django.contrib.auth.base_user import BaseUserManager
from django.utils.translation import ugettext_lazy as _


class CustomUserManager(BaseUserManager):
    def create_user(self, username, email, password=None):
        if username is None:
            raise TypeError(_('Users should have a username.'))
        if email is None:
            raise TypeError(_('Users should have a Email.'))

        user = self.model(username=username, email=self.normalize_email(email))
        user.set_password(password)
        user.save()
        return user

    def create_superuser(self, username, email, password=None):
        if password is None:
            raise TypeError(_('Password should not be empty.'))

        user = self.create_user(username, email, password)
        user.is_superuser = True
        user.is_staff = True
        user.save()
        return user

这是 CustomUser 模型:

from django.db import models
from django.contrib.auth.models import AbstractBaseUser
from .managers import CustomUserManager


class CustomUser(AbstractBaseUser):

    username = models.CharField(max_length=255, unique=True, db_index=True)
    email = models.EmailField(max_length=255, unique=True, db_index=True)
    is_verified = models.BooleanField(default=False)
    is_active = models.BooleanField(default=True)
    is_staff = models.BooleanField(default=False)
    created_at = models.DateTimeField(auto_now_add=True)
    updated_at = models.DateTimeField(auto_now=True)
    USERNAME_FIELD = 'email'
    REQUIRED_FIELDS = ['username']

    objects = CustomUserManager()

    def __str__(self):
        return self.email

我在 settings.py 中添加了 AUTH_USER_MODEL = 'authentication.CustomUser' (认证是应用名称)

在 shell 中,如果我运行这些,我会得到 authenticated_user 为 None:


user = CustomUser.objects.create(email='tejas@gmail.com', username='tejas12', password='tejas12')
authenticated_user = authenticate(email='tejas@gmail.com', username='tejas12', password='tejas12')

但是,使用给定的详细信息成功创建了用户。

另外,check_password 返回 False:

from django.contrib.auth.hashers import check_password

user.check_password('tejas12') # returns False

关于使用 python manage.py createsuperuser 创建用户,

authenticate 返回所需的用户,然后 check_password 返回 True

我应该如何验证自定义用户?

【问题讨论】:

    标签: python django


    【解决方案1】:

    在您的示例中,您将用户创建为无法正确散列密码的常规 Django 模型

    user = CustomUser.objects.create(email='tejas@gmail.com', username='tejas12', password='tejas12')
    
    

    应该改用create_user方法

    >>> second_user = CustomUser.objects.create_user(email='test@example.com', username='test', password='test_passwd')
    >>> second_user.check_password('test_passwd')
    True
    

    身份验证使用默认后端,除非您指定自己的后端,并且将依赖 USERNAME_FIELD 和密码

    >>> from django.contrib.auth import authenticate
    >>> authenticate(email='test@example.com', username='test', password='test_passwd')
    >>> authenticate(email='test@example.com', password='test_passwd')
    <CustomUser: test@example.com>
    

    【讨论】:

      猜你喜欢
      • 2013-05-17
      • 2016-07-05
      • 1970-01-01
      • 2021-06-11
      • 2012-05-06
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      相关资源
      最近更新 更多