BrianCas BrianCas - 1 year ago 131
Python Question

Django - how to save my hashed password

I'm trying to save my hashed password in my database, but It keeps saving my plaintext password


class StudentRegistration(models.Model):
email = models.EmailField(max_length=50)
first_name = models.CharField(max_length=20)
last_name = models.CharField(max_length=20)
password = models.CharField(max_length=100, default="", null=False)
prom_code = models.CharField(max_length=8, default="", null=False)
gender = (
gender = models.CharField(max_length=1, choices=gender, default="M", null=False)
prom_name = models.CharField(max_length=20, default="N/A")
prom_year = models.IntegerField(max_length=4, default=1900)
school = models.CharField(max_length=50, default="N/A")

def save(self):
Myobj = Space.objects.get(prom_code = self.prom_code)
self.prom_name = Myobj.prom_name
self.prom_year = Myobj.prom_year = Myobj.school_name

super(StudentRegistration, self).save()

except Space.DoesNotExist:


def register_user(request):
args = {}
if request.method == 'POST':
form = MyRegistrationForm(request.POST) # create form object
if form.is_valid():
clearPassNoHash = form.cleaned_data['password']
form.password = make_password(clearPassNoHash, None, 'md5')
form = MyRegistrationForm()
print ('se salvo')
print ('Error en el form')
form = MyRegistrationForm()

args['form'] = form #MyRegistrationForm()

return render(request, 'register/register.html', args)

I've printed the hashed result so I know it is hashing but not saving that.

Am I using the make_password wrong? or is there any better way to protect my passwords?

--------------------------UPDATE:(The Solution)----------------------------

Remember In

#The Hasher you are using

#Import and add the AbstractBaseUser in your model

class StudentRegistration(AbstractBaseUser, models.Model):

if form.is_valid():
user =
clearPassNoHash = form.cleaned_data['password']
varhash = make_password(clearPassNoHash, None, 'md5')

Answer Source

Use Django set_password in the documentation

You also need to get your model object from the form using

if form.is_valid():
    # get model object data from form here
    user =

    # Cleaned(normalized) data
    username = form.cleaned_data['username']
    password = form.cleaned_data['password']

    #  Use set_password here
Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download