问题描述
当我从 django-admin
创建用户时,用户密码已加密.但是当我从Django shell创建用户时,user-pasword以纯文本格式保存.例子:
When i create user from django-admin
user password's are encrypted .but when i create user from django shell user-pasword is saved in plain text .Example :
{
"date_joined": "2013-08-28T04:22:56.322185",
"email": "",
"first_name": "",
"id": 5,
"is_active": true,
"is_staff": false,
"is_superuser": false,
"last_login": "2013-08-28T04:22:56.322134",
"last_name": "",
"password": "pbkdf2_sha256$10000$iGKbck9CED0b$6hWrKYiMPNGKhcfPVGal2YP4LkuP3Qwem+2ydswWACk=",
"resource_uri": "/api/v1/user/5/",
"username": "user4"
},
{
"date_joined": "2013-08-29T01:15:36.414887",
"email": "test@ophio",
"first_name": "",
"id": 6,
"is_active": true,
"is_staff": true,
"is_superuser": true,
"last_login": "2013-08-29T01:15:36.414807",
"last_name": "",
"password": "123test",
"resource_uri": "/api/v1/user/6/",
"username": "test3"
}
我正在尝试为一个简单的博客应用程序制作REST风格的api:当我尝试通过发帖请求[通过传递JSON]插入用户时,密码保存为纯文本.如何忽略此行为.
I am trying to make REST style api for a simple blog app :when i try to insert a user by post request [ by passing JSON ] password is saved as plain text.how to override this behaviour.
推荐答案
您不应像其他人建议的那样通过普通的 User(...)
语法创建用户.您应该始终使用 User.objects.create_user()
,它可以正确设置密码.
You should not create the user via the normal User(...)
syntax, as others have suggested. You should always use User.objects.create_user()
, which takes care of setting the password properly.
user@host> manage.py shell
>>> from django.contrib.auth.models import User
>>> user=User.objects.create_user('foo', password='bar')
>>> user.is_superuser=True
>>> user.is_staff=True
>>> user.save()
这篇关于如何从Django Shell创建用户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!