即使密码正确,check_password始终返回false?
问题描述:
我正在使用Django 1.5。我是一个自定义的用户模型是这样的:即使密码正确,check_password始终返回false?
class User(AbstractBaseUser):
#id = models.IntegerField(primary_key=True)
#identifier = models.CharField(max_length=40, unique=True, db_index=True)
username = models.CharField(max_length=90, unique=True, db_index=True)
create_time = models.DateTimeField(null=True, blank=True)
update_time = models.DateTimeField(null=True, blank=True)
email = models.CharField(max_length=225)
#password = models.CharField(max_length=120)
external = models.IntegerField(null=True, blank=True)
deleted = models.IntegerField(null=True, blank=True)
purged = models.IntegerField(null=True, blank=True)
form_values_id = models.IntegerField(null=True, blank=True)
disk_usage = models.DecimalField(null=True, max_digits=16, decimal_places=0, blank=True)
objects = UserManager()
USERNAME_FIELD = 'email'
class Meta:
db_table = u'galaxy_user'
我有一个自定义的验证:
class AuthBackend:
def authenticate(self, username=None, password=None):
if '@' in username:
kwargs = {'email': username}
else:
kwargs = {'username': username}
try:
user = User.objects.get(**kwargs)
if user.check_password(password):
return user
except User.DoesNotExist:
return None
def get_user(self, user_id):
try:
return User.objects.get(pk=user_id)
except User.DoesNotExist:
return None
即使输入正确的用户名和密码check_password()总是返回false,所以我无法登录后。我想,在终端也:
user.check_password(password)
总是返回False.
#views.py:
def login_backend(request):
if request.method == 'POST':
username = request.POST['username']
password = request.POST['password']
user = authenticate(username=username, password=password)
state = "Username or Password Incorrect!"
if user is not None:
login(request, user)
return HttpResponseRedirect('/overview/')
else:
return render_to_response('login_backend.html', {'state':state}, context_instance=RequestContext(request))
else:
return render_to_response('login_backend.html', context_instance=RequestContext(request))
答
的问题是,当你创建你的CustomUser,为您节省在开方式的密码(不散列)。你能给我你的RegistrationForm代码吗?
在我的情况:
# forms/register.py
class RegistrationForm(forms.ModelForm):
"""
Form for registering a new account.
"""
class Meta:
model = CustomUser
fields = ['username', 'password', 'email']
注册处理程序:
# views.py
def register(request):
"""
User registration view.
"""
if request.method == 'POST':
form = RegistrationForm(data=request.POST)
if form.is_valid():
user = form.save() # Save your password as a simple String
return redirect('/')
else:
form = RegistrationForm()
return render(request, 'news/register.html', {'form': form})
所以,当你尝试登录:
if user.check_password(password):
return user
check_password总是返回False。
解决方案: 要设置的密码正确,你应该重新save()方法中RegistrationForm:
# forms/register.py
class RegistrationForm(forms.ModelForm):
"""
Form for registering a new account.
"""
class Meta:
model = CustomUser
fields = ['username', 'password', 'email']
def save(self, commit=True):
user = super(RegistrationForm, self).save(commit=False)
user.set_password(user.password) # set password properly before commit
if commit:
user.save()
return user
或者简单地改变处理程序:
def register(request):
"""
User registration view.
"""
if request.method == 'POST':
form = RegistrationForm(data=request.POST)
if form.is_valid():
user = form.save(commit=False)
user.set_password(request.POST["password"])
user.save()
return redirect('/')
else:
form = RegistrationForm()
return render(request, 'news/register.html', {'form': form})
请参阅http://www.blackglasses.me/2013/09/17/custom-django-user-model/
和http://www.blackglasses.me/2013/10/08/custom-django-user-model-part-2/
是啊看起来是这样的:f8566297ee28e8a3096497070b37b91d24c2在数据库中。 – pynovice 2013-03-20 06:29:20
是否这样:用户返回user = User.objects.get(** kwargs)返回用户名,但在我做user.check_password(密码)它返回false。基本上它是对用户名进行身份验证,而不是用密码进行身份验证。 – pynovice 2013-03-20 06:41:42
好的。你稍等一会儿。 – pynovice 2013-03-20 06:45:03