通过Django Admin创建的CustomUser无法登录(Django Rest框架)
我通过覆盖dj_rest_auth,通过DRF创建了一个注册/登录系统 如果向Postman注册一个用户,通过在端点上触发,该用户可以用于通过端点登录 但是,如果通过Django Admin创建用户,则该用户不能用于通过endpoint登录,尤其是通过Django Admin查看时,密码不会散列 如何处理 序列化程序.py通过Django Admin创建的CustomUser无法登录(Django Rest框架),django,django-rest-framework,Django,Django Rest Framework,我通过覆盖dj_rest_auth,通过DRF创建了一个注册/登录系统 如果向Postman注册一个用户,通过在端点上触发,该用户可以用于通过端点登录 但是,如果通过Django Admin创建用户,则该用户不能用于通过endpoint登录,尤其是通过Django Admin查看时,密码不会散列 如何处理 序列化程序.py class CustomLoginSerializer(LoginSerializer): def validate_auth_user_status(self,
class CustomLoginSerializer(LoginSerializer):
def validate_auth_user_status(self, user):
request = self.context.get('request')
if not request.data.get('role'):
msg = 'Role is missing from the payload.'
raise exceptions.ValidationError(msg)
if not user.groups.filter(name=request.data.get('role')).exists():
msg = 'Invalid role for the user.'
raise exceptions.ValidationError(msg)
def create(self, validated_data):
pass # Empty because the function is not needed
# but Pylint demanded to implement it anyway
def update(self, instance, validated_data):
pass # Empty because the function is not needed
# but Pylint demanded to implement it anyway
class CustomRegisterSerializer(RegisterSerializer):
name = serializers.CharField()
def get_cleaned_data(self):
super().get_cleaned_data()
return {
'email': self.validated_data.get('email', ''),
'password1': self.validated_data.get('password1', ''),
'name': self.validated_data.get('name', '')
}
def create(self, validated_data):
pass # Empty because the function is not needed
# but Pylint demanded to implement it anyway
def update(self, instance, validated_data):
pass # Empty because the function is not needed
# but Pylint demanded to implement it anyway
def save(self, request):
user = super().save(request)
user.name = self.get_cleaned_data().get('name')
user.save()
client_role, _created = Group.objects.get_or_create(name='client')
user.groups.add(client_role)
return user
urlpatterns = [
path('auth/registration/', include('dj_rest_auth.registration.urls')),
path('auth/', include('dj_rest_auth.urls')),
path('auth/user-login/', CustomLoginView.as_view(), name='custom_user_login'),
path('auth/google/', GoogleView.as_view(), name='google'),
]
class CustomUser(AbstractBaseUser, PermissionsMixin):
name = models.CharField(max_length=100)
email = models.EmailField(_('email address'), unique=True)
is_staff = models.BooleanField(default=False)
is_active = models.BooleanField(default=True)
date_joined = models.DateTimeField(default=timezone.now)
diet_profile = models.OneToOneField(
DietProfile,
on_delete=models.CASCADE,
primary_key=False,
related_name="user",
blank=True, null=True
)
nutritionist = models.ForeignKey(
Nutritionist,
on_delete=models.CASCADE,
related_name="clients",
blank=True,
null=True
)
USERNAME_FIELD = 'email'
REQUIRED_FIELDS = []
objects = CustomUserManager()
def __str__(self):
return str(self.email)
class CustomUserManager(BaseUserManager):
"""
Custom user model manager where email is the unique identifiers
for authentication instead of usernames.
"""
def create_user(self, email, password, **extra_fields):
"""
Create and save a User with the given email and password.
"""
if not email:
raise ValueError(_('The Email must be set'))
email = self.normalize_email(email)
user = self.model(email=email, **extra_fields)
user.set_password(password)
user.save()
client_role, _created = Group.objects.get_or_create(name='client')
user.groups.add(client_role)
return user
def create_superuser(self, email, password, **extra_fields):
"""
Create and save a SuperUser with the given email and password.
"""
extra_fields.setdefault('is_staff', True)
extra_fields.setdefault('is_superuser', True)
extra_fields.setdefault('is_active', True)
if extra_fields.get('is_staff') is not True:
raise ValueError(_('Superuser must have is_staff=True.'))
if extra_fields.get('is_superuser') is not True:
raise ValueError(_('Superuser must have is_superuser=True.'))
return self.create_user(email, password, **extra_fields)
from django.contrib import admin
from django.contrib.auth.admin import UserAdmin
from .models import CustomUser
admin.site.register(CustomUser)
url.py
class CustomLoginSerializer(LoginSerializer):
def validate_auth_user_status(self, user):
request = self.context.get('request')
if not request.data.get('role'):
msg = 'Role is missing from the payload.'
raise exceptions.ValidationError(msg)
if not user.groups.filter(name=request.data.get('role')).exists():
msg = 'Invalid role for the user.'
raise exceptions.ValidationError(msg)
def create(self, validated_data):
pass # Empty because the function is not needed
# but Pylint demanded to implement it anyway
def update(self, instance, validated_data):
pass # Empty because the function is not needed
# but Pylint demanded to implement it anyway
class CustomRegisterSerializer(RegisterSerializer):
name = serializers.CharField()
def get_cleaned_data(self):
super().get_cleaned_data()
return {
'email': self.validated_data.get('email', ''),
'password1': self.validated_data.get('password1', ''),
'name': self.validated_data.get('name', '')
}
def create(self, validated_data):
pass # Empty because the function is not needed
# but Pylint demanded to implement it anyway
def update(self, instance, validated_data):
pass # Empty because the function is not needed
# but Pylint demanded to implement it anyway
def save(self, request):
user = super().save(request)
user.name = self.get_cleaned_data().get('name')
user.save()
client_role, _created = Group.objects.get_or_create(name='client')
user.groups.add(client_role)
return user
urlpatterns = [
path('auth/registration/', include('dj_rest_auth.registration.urls')),
path('auth/', include('dj_rest_auth.urls')),
path('auth/user-login/', CustomLoginView.as_view(), name='custom_user_login'),
path('auth/google/', GoogleView.as_view(), name='google'),
]
class CustomUser(AbstractBaseUser, PermissionsMixin):
name = models.CharField(max_length=100)
email = models.EmailField(_('email address'), unique=True)
is_staff = models.BooleanField(default=False)
is_active = models.BooleanField(default=True)
date_joined = models.DateTimeField(default=timezone.now)
diet_profile = models.OneToOneField(
DietProfile,
on_delete=models.CASCADE,
primary_key=False,
related_name="user",
blank=True, null=True
)
nutritionist = models.ForeignKey(
Nutritionist,
on_delete=models.CASCADE,
related_name="clients",
blank=True,
null=True
)
USERNAME_FIELD = 'email'
REQUIRED_FIELDS = []
objects = CustomUserManager()
def __str__(self):
return str(self.email)
class CustomUserManager(BaseUserManager):
"""
Custom user model manager where email is the unique identifiers
for authentication instead of usernames.
"""
def create_user(self, email, password, **extra_fields):
"""
Create and save a User with the given email and password.
"""
if not email:
raise ValueError(_('The Email must be set'))
email = self.normalize_email(email)
user = self.model(email=email, **extra_fields)
user.set_password(password)
user.save()
client_role, _created = Group.objects.get_or_create(name='client')
user.groups.add(client_role)
return user
def create_superuser(self, email, password, **extra_fields):
"""
Create and save a SuperUser with the given email and password.
"""
extra_fields.setdefault('is_staff', True)
extra_fields.setdefault('is_superuser', True)
extra_fields.setdefault('is_active', True)
if extra_fields.get('is_staff') is not True:
raise ValueError(_('Superuser must have is_staff=True.'))
if extra_fields.get('is_superuser') is not True:
raise ValueError(_('Superuser must have is_superuser=True.'))
return self.create_user(email, password, **extra_fields)
from django.contrib import admin
from django.contrib.auth.admin import UserAdmin
from .models import CustomUser
admin.site.register(CustomUser)
型号.py
class CustomLoginSerializer(LoginSerializer):
def validate_auth_user_status(self, user):
request = self.context.get('request')
if not request.data.get('role'):
msg = 'Role is missing from the payload.'
raise exceptions.ValidationError(msg)
if not user.groups.filter(name=request.data.get('role')).exists():
msg = 'Invalid role for the user.'
raise exceptions.ValidationError(msg)
def create(self, validated_data):
pass # Empty because the function is not needed
# but Pylint demanded to implement it anyway
def update(self, instance, validated_data):
pass # Empty because the function is not needed
# but Pylint demanded to implement it anyway
class CustomRegisterSerializer(RegisterSerializer):
name = serializers.CharField()
def get_cleaned_data(self):
super().get_cleaned_data()
return {
'email': self.validated_data.get('email', ''),
'password1': self.validated_data.get('password1', ''),
'name': self.validated_data.get('name', '')
}
def create(self, validated_data):
pass # Empty because the function is not needed
# but Pylint demanded to implement it anyway
def update(self, instance, validated_data):
pass # Empty because the function is not needed
# but Pylint demanded to implement it anyway
def save(self, request):
user = super().save(request)
user.name = self.get_cleaned_data().get('name')
user.save()
client_role, _created = Group.objects.get_or_create(name='client')
user.groups.add(client_role)
return user
urlpatterns = [
path('auth/registration/', include('dj_rest_auth.registration.urls')),
path('auth/', include('dj_rest_auth.urls')),
path('auth/user-login/', CustomLoginView.as_view(), name='custom_user_login'),
path('auth/google/', GoogleView.as_view(), name='google'),
]
class CustomUser(AbstractBaseUser, PermissionsMixin):
name = models.CharField(max_length=100)
email = models.EmailField(_('email address'), unique=True)
is_staff = models.BooleanField(default=False)
is_active = models.BooleanField(default=True)
date_joined = models.DateTimeField(default=timezone.now)
diet_profile = models.OneToOneField(
DietProfile,
on_delete=models.CASCADE,
primary_key=False,
related_name="user",
blank=True, null=True
)
nutritionist = models.ForeignKey(
Nutritionist,
on_delete=models.CASCADE,
related_name="clients",
blank=True,
null=True
)
USERNAME_FIELD = 'email'
REQUIRED_FIELDS = []
objects = CustomUserManager()
def __str__(self):
return str(self.email)
class CustomUserManager(BaseUserManager):
"""
Custom user model manager where email is the unique identifiers
for authentication instead of usernames.
"""
def create_user(self, email, password, **extra_fields):
"""
Create and save a User with the given email and password.
"""
if not email:
raise ValueError(_('The Email must be set'))
email = self.normalize_email(email)
user = self.model(email=email, **extra_fields)
user.set_password(password)
user.save()
client_role, _created = Group.objects.get_or_create(name='client')
user.groups.add(client_role)
return user
def create_superuser(self, email, password, **extra_fields):
"""
Create and save a SuperUser with the given email and password.
"""
extra_fields.setdefault('is_staff', True)
extra_fields.setdefault('is_superuser', True)
extra_fields.setdefault('is_active', True)
if extra_fields.get('is_staff') is not True:
raise ValueError(_('Superuser must have is_staff=True.'))
if extra_fields.get('is_superuser') is not True:
raise ValueError(_('Superuser must have is_superuser=True.'))
return self.create_user(email, password, **extra_fields)
from django.contrib import admin
from django.contrib.auth.admin import UserAdmin
from .models import CustomUser
admin.site.register(CustomUser)
编辑:
添加自定义用户管理器和admin.py
manager.py
class CustomLoginSerializer(LoginSerializer):
def validate_auth_user_status(self, user):
request = self.context.get('request')
if not request.data.get('role'):
msg = 'Role is missing from the payload.'
raise exceptions.ValidationError(msg)
if not user.groups.filter(name=request.data.get('role')).exists():
msg = 'Invalid role for the user.'
raise exceptions.ValidationError(msg)
def create(self, validated_data):
pass # Empty because the function is not needed
# but Pylint demanded to implement it anyway
def update(self, instance, validated_data):
pass # Empty because the function is not needed
# but Pylint demanded to implement it anyway
class CustomRegisterSerializer(RegisterSerializer):
name = serializers.CharField()
def get_cleaned_data(self):
super().get_cleaned_data()
return {
'email': self.validated_data.get('email', ''),
'password1': self.validated_data.get('password1', ''),
'name': self.validated_data.get('name', '')
}
def create(self, validated_data):
pass # Empty because the function is not needed
# but Pylint demanded to implement it anyway
def update(self, instance, validated_data):
pass # Empty because the function is not needed
# but Pylint demanded to implement it anyway
def save(self, request):
user = super().save(request)
user.name = self.get_cleaned_data().get('name')
user.save()
client_role, _created = Group.objects.get_or_create(name='client')
user.groups.add(client_role)
return user
urlpatterns = [
path('auth/registration/', include('dj_rest_auth.registration.urls')),
path('auth/', include('dj_rest_auth.urls')),
path('auth/user-login/', CustomLoginView.as_view(), name='custom_user_login'),
path('auth/google/', GoogleView.as_view(), name='google'),
]
class CustomUser(AbstractBaseUser, PermissionsMixin):
name = models.CharField(max_length=100)
email = models.EmailField(_('email address'), unique=True)
is_staff = models.BooleanField(default=False)
is_active = models.BooleanField(default=True)
date_joined = models.DateTimeField(default=timezone.now)
diet_profile = models.OneToOneField(
DietProfile,
on_delete=models.CASCADE,
primary_key=False,
related_name="user",
blank=True, null=True
)
nutritionist = models.ForeignKey(
Nutritionist,
on_delete=models.CASCADE,
related_name="clients",
blank=True,
null=True
)
USERNAME_FIELD = 'email'
REQUIRED_FIELDS = []
objects = CustomUserManager()
def __str__(self):
return str(self.email)
class CustomUserManager(BaseUserManager):
"""
Custom user model manager where email is the unique identifiers
for authentication instead of usernames.
"""
def create_user(self, email, password, **extra_fields):
"""
Create and save a User with the given email and password.
"""
if not email:
raise ValueError(_('The Email must be set'))
email = self.normalize_email(email)
user = self.model(email=email, **extra_fields)
user.set_password(password)
user.save()
client_role, _created = Group.objects.get_or_create(name='client')
user.groups.add(client_role)
return user
def create_superuser(self, email, password, **extra_fields):
"""
Create and save a SuperUser with the given email and password.
"""
extra_fields.setdefault('is_staff', True)
extra_fields.setdefault('is_superuser', True)
extra_fields.setdefault('is_active', True)
if extra_fields.get('is_staff') is not True:
raise ValueError(_('Superuser must have is_staff=True.'))
if extra_fields.get('is_superuser') is not True:
raise ValueError(_('Superuser must have is_superuser=True.'))
return self.create_user(email, password, **extra_fields)
from django.contrib import admin
from django.contrib.auth.admin import UserAdmin
from .models import CustomUser
admin.site.register(CustomUser)
admin.py
class CustomLoginSerializer(LoginSerializer):
def validate_auth_user_status(self, user):
request = self.context.get('request')
if not request.data.get('role'):
msg = 'Role is missing from the payload.'
raise exceptions.ValidationError(msg)
if not user.groups.filter(name=request.data.get('role')).exists():
msg = 'Invalid role for the user.'
raise exceptions.ValidationError(msg)
def create(self, validated_data):
pass # Empty because the function is not needed
# but Pylint demanded to implement it anyway
def update(self, instance, validated_data):
pass # Empty because the function is not needed
# but Pylint demanded to implement it anyway
class CustomRegisterSerializer(RegisterSerializer):
name = serializers.CharField()
def get_cleaned_data(self):
super().get_cleaned_data()
return {
'email': self.validated_data.get('email', ''),
'password1': self.validated_data.get('password1', ''),
'name': self.validated_data.get('name', '')
}
def create(self, validated_data):
pass # Empty because the function is not needed
# but Pylint demanded to implement it anyway
def update(self, instance, validated_data):
pass # Empty because the function is not needed
# but Pylint demanded to implement it anyway
def save(self, request):
user = super().save(request)
user.name = self.get_cleaned_data().get('name')
user.save()
client_role, _created = Group.objects.get_or_create(name='client')
user.groups.add(client_role)
return user
urlpatterns = [
path('auth/registration/', include('dj_rest_auth.registration.urls')),
path('auth/', include('dj_rest_auth.urls')),
path('auth/user-login/', CustomLoginView.as_view(), name='custom_user_login'),
path('auth/google/', GoogleView.as_view(), name='google'),
]
class CustomUser(AbstractBaseUser, PermissionsMixin):
name = models.CharField(max_length=100)
email = models.EmailField(_('email address'), unique=True)
is_staff = models.BooleanField(default=False)
is_active = models.BooleanField(default=True)
date_joined = models.DateTimeField(default=timezone.now)
diet_profile = models.OneToOneField(
DietProfile,
on_delete=models.CASCADE,
primary_key=False,
related_name="user",
blank=True, null=True
)
nutritionist = models.ForeignKey(
Nutritionist,
on_delete=models.CASCADE,
related_name="clients",
blank=True,
null=True
)
USERNAME_FIELD = 'email'
REQUIRED_FIELDS = []
objects = CustomUserManager()
def __str__(self):
return str(self.email)
class CustomUserManager(BaseUserManager):
"""
Custom user model manager where email is the unique identifiers
for authentication instead of usernames.
"""
def create_user(self, email, password, **extra_fields):
"""
Create and save a User with the given email and password.
"""
if not email:
raise ValueError(_('The Email must be set'))
email = self.normalize_email(email)
user = self.model(email=email, **extra_fields)
user.set_password(password)
user.save()
client_role, _created = Group.objects.get_or_create(name='client')
user.groups.add(client_role)
return user
def create_superuser(self, email, password, **extra_fields):
"""
Create and save a SuperUser with the given email and password.
"""
extra_fields.setdefault('is_staff', True)
extra_fields.setdefault('is_superuser', True)
extra_fields.setdefault('is_active', True)
if extra_fields.get('is_staff') is not True:
raise ValueError(_('Superuser must have is_staff=True.'))
if extra_fields.get('is_superuser') is not True:
raise ValueError(_('Superuser must have is_superuser=True.'))
return self.create_user(email, password, **extra_fields)
from django.contrib import admin
from django.contrib.auth.admin import UserAdmin
from .models import CustomUser
admin.site.register(CustomUser)
添加
CustomUserManager()
,以及admin.py。在admin.py旁边添加了CustomUserManager。两个想法:不要处理任何密码哈希。您可以尝试在CustomRegisterSerializer.save()中调用set\u password()