如何在将密码保存到用户模型Django之前对其进行加密?
我已经创建了一个用户注册页面,它将用户添加到Django中的用户模型中 但在保存数据时,密码不会加密,即仅存储为文本。 这会在用户尝试登录时产生问题(Django尝试解密原始密码,但两者都不匹配) 此外,我还扩展了用户模型,以便添加更多保存在概要文件模型中的用户信息(使用一对一链接) 视图.py如何在将密码保存到用户模型Django之前对其进行加密?,django,django-models,django-forms,django-registration,django-users,Django,Django Models,Django Forms,Django Registration,Django Users,我已经创建了一个用户注册页面,它将用户添加到Django中的用户模型中 但在保存数据时,密码不会加密,即仅存储为文本。 这会在用户尝试登录时产生问题(Django尝试解密原始密码,但两者都不匹配) 此外,我还扩展了用户模型,以便添加更多保存在概要文件模型中的用户信息(使用一对一链接) 视图.py def user_signup(request): if request.method == "POST": user_form = userSignup(request.POS
def user_signup(request):
if request.method == "POST":
user_form = userSignup(request.POST)
phone = request.POST['phone']
address = request.POST['address']
pincode = request.POST['pincode']
if user_form.is_valid() :
user = user_form.save()
auth.login(request,user)
userdata = User.objects.all()
for userinfo in userdata:
if userinfo.username == user.username:
user_id=user.id
update_data = Profile.objects.get(pk = user_id)
update_data.address=address
update_data.phone=phone
update_data.pincode=pincode
update_data.save()
return redirect('/')
else:
return HttpResponse(" SIGNUP FAILED")
else:
form = userSignup()
profile_form = userSignup_profile()
return render(request,"user_signup.html",{'form':form, 'profile_form':profile_form})
def user_logout(request):
auth.logout(request)
return redirect('/')
class Profile(models.Model):
user = models.OneToOneField(User, on_delete=models.CASCADE)
phone = models.CharField(max_length=10)
address = models.TextField(max_length=200)
pincode = models.IntegerField()
class userSignup(forms.ModelForm):
password = forms.CharField(max_length=50, widget = forms.PasswordInput())
class Meta:
model = User
fields = ('first_name', 'last_name','username', 'password', 'email')
user\u signup.html
<body>
<form action="user_signup" method="POST">
{% csrf_token %}
{{form.as_p}}
{{ profile_form.as_p}}
<button class="primary" type="submit" >SIGNUP </button>
</form>
</body>
forms.py
def user_signup(request):
if request.method == "POST":
user_form = userSignup(request.POST)
phone = request.POST['phone']
address = request.POST['address']
pincode = request.POST['pincode']
if user_form.is_valid() :
user = user_form.save()
auth.login(request,user)
userdata = User.objects.all()
for userinfo in userdata:
if userinfo.username == user.username:
user_id=user.id
update_data = Profile.objects.get(pk = user_id)
update_data.address=address
update_data.phone=phone
update_data.pincode=pincode
update_data.save()
return redirect('/')
else:
return HttpResponse(" SIGNUP FAILED")
else:
form = userSignup()
profile_form = userSignup_profile()
return render(request,"user_signup.html",{'form':form, 'profile_form':profile_form})
def user_logout(request):
auth.logout(request)
return redirect('/')
class Profile(models.Model):
user = models.OneToOneField(User, on_delete=models.CASCADE)
phone = models.CharField(max_length=10)
address = models.TextField(max_length=200)
pincode = models.IntegerField()
class userSignup(forms.ModelForm):
password = forms.CharField(max_length=50, widget = forms.PasswordInput())
class Meta:
model = User
fields = ('first_name', 'last_name','username', 'password', 'email')
如何以加密形式保存新用户密码,而不是实际密码??
Django()函数将纯文本密码转换为适合存储在持久数据库中的哈希值
您肯定不想尝试使用自己的加密和哈希函数来存储密码,因为该函数已经存在
只需编辑您的视图.py
即可:
from django.contrib.auth.hashers import make_password
def user_signup(request):
if request.method == "POST":
user_form = userSignup(request.POST)
phone = request.POST['phone']
address = request.POST['address']
pincode = request.POST['pincode']
if user_form.is_valid() :
# Hash password using make_password() function
user = user_form.save(commit=False)
user.password = make_password(user.password)
user.save()
...
它不起作用<代码>异常类型:AttributeError
异常值:“userSignup”对象没有属性“password”