Goun2 Goun2 -4 years ago 65
Python Question

Hashed password becomes the real password

When I try to change user's fields in the django admin and then I save it, the hashed password ends up becoming the true password.

So, If the password is hashed like this pbkdf2adhfkhadqeqerqfavghhfyb, and I change another field in the users model, this hashed password becomes my not hashed password.

My code is like this.

class UserCreationForm(forms.ModelForm):
class Meta:
model = User
fields = ('Email','name','password','is_staff','is_superuser','Teacher',
'Student', 'Data_Joined', 'Is_active')

def save(self, commit=True):
user = super(UserCreationForm, self).save(commit=False)
user.set_password(self.cleaned_data["password"])
if commit:
user.save()
return user

class UserAdmin(admin.ModelAdmin):
form = UserCreationForm

admin.site.register(User, UserAdmin)

Answer Source

I think this is occurring because the UserChangeForm default uses a ReadOnlyPasswordHashField for the field password.

I would try:

class UserCreationForm(forms.ModelForm):

     password1 = forms.CharField(label=_("Password"), widget=forms.PasswordInput)

    class Meta:
        model = User
        fields = ('Email','name','is_staff','is_superuser','Teacher',
              'Student', 'Data_Joined', 'Is_active')

    def save(self, commit=True):
        user = super(UserCreationForm, self).save(commit=False)
        user.set_password(self.cleaned_data["password1"])
        if commit:
            user.save()
    return user
Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download