Password encryption in Django's model

Time:05-21

I hope you are doing fine. I am currently working on a Django project, and it's my first one, so I have run into lots of problems which I am fixing one by one, but I've really got stuck on this one. It's about Django's password encryption in the database records: it simply doesn't encrypt (hash) the password for any user except the admin. I hope that you can help me, and thank you for your time :D

models.py

from django.db import models
from django.db.models import Model
from passlib.hash import pbkdf2_sha256 
from django.utils.translation import gettext_lazy as _
from .manager import *
# Create your models here.


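class User(Model):
    """Abstract base model for accounts whose password is a passlib hash.

    The ``password`` column is a plain ``CharField``. Nothing in this class
    hashes on assignment or in ``save()``. In the code shown, the only path
    that hashes is ``CustomUserManager.create_user``; ``set_password`` below
    gives every other path a way to do the same. A row written another way
    (``Model(...)``, ``objects.create(...)``, a ModelForm or the admin change
    form) stores exactly the string it was handed.
    """

    id = models.AutoField(primary_key=True, unique=True)
    email = models.EmailField(_("email"), max_length=254, null=False)
    # Must only ever hold a pbkdf2_sha256 hash string, never the raw password.
    password = models.CharField(max_length=255, null=False)
    first_name = models.CharField(max_length=255)
    last_name = models.CharField(max_length=255)
    is_superuser = models.BooleanField(default=False)
    is_staff = models.BooleanField(default=False)
    is_active = models.BooleanField(default=False)
    objects = CustomUserManager()

    USERNAME_FIELD = "email"
    REQUIRED_FIELDS = ["password"]

    class Meta:
        abstract = True
        verbose_name = _("user")
        verbose_name_plural = _("users")

    def __str__(self):
        """Return "<first_name> <last_name>"."""
        # The listing had lost its "+" operators here, which is a syntax error.
        return f"{self.first_name} {self.last_name}"

    def getID(self):
        """Return the primary key."""
        return self.id

    def getEmail(self):
        """Return the e-mail address."""
        return self.email

    def getPass(self):
        """Return the stored password hash.

        This is the credential verifier, so keep it out of serializers,
        templates and log lines.
        """
        return self.password

    def getFirstName(self):
        """Return the first name."""
        return self.first_name

    def getLastName(self):
        """Return the last name."""
        return self.last_name

    def checkIfSuperUser(self):
        """Return the ``is_superuser`` flag."""
        return self.is_superuser

    def checkIfStaff(self):
        """Return the ``is_staff`` flag."""
        return self.is_staff

    def checkIfActif(self):
        """Return the ``is_active`` flag."""
        return self.is_active

    def set_password(self, raw_password):
        """Hash ``raw_password`` with PBKDF2-SHA256 and store it on the instance.

        Call this, not ``self.password = ...``, wherever a password is set
        outside the manager (forms, admin, shell). It does not call ``save()``.
        """
        # passlib 1.7 renamed encrypt() to hash(); the result is a one-way hash.
        self.password = pbkdf2_sha256.hash(raw_password)

    def verify_password(self, raw_password):
        """Return True if ``raw_password`` matches the stored hash.

        Returns False when the stored value is not a valid pbkdf2_sha256 hash
        (for example a row saved without hashing). Such rows need a password
        reset; they cannot be verified.
        """
        try:
            return pbkdf2_sha256.verify(raw_password, self.password)
        except ValueError:
            # passlib raises ValueError for a malformed or unrecognised hash.
            return False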

class Prof(User):
    """Concrete subclass of the abstract ``User`` with an added ``courses`` column."""

    courses = models.CharField(max_length=100)

    class Meta:
        # This Meta does not subclass User.Meta, so only the option set here
        # applies to Prof; the parent's verbose_name is not carried over.
        verbose_name_plural = "Profs"

Manager.py

from .models import *
from django.contrib.auth.base_user import BaseUserManager
from django.utils.translation import gettext_lazy as _
from passlib.hash import pbkdf2_sha256

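class CustomUserManager(BaseUserManager):
    """Manager that creates users with a PBKDF2-SHA256 password hash.

    Hashing happens only inside ``create_user``. The inherited ``create()``
    and direct model construction pass the ``password`` value through
    unchanged, so those paths must hash it themselves before saving.

    The manager reaches the model through ``self.model`` and uses no name
    from ``.models`` directly.
    """

    def create_user(self, email, password, **extra_fields):
        """Create and save a user with the given email and password.

        Raises:
            ValueError: if ``email`` or ``password`` is empty.
        """
        if not email:
            raise ValueError(_('The Email must be set'))
        if not password:
            # An empty string would otherwise be hashed and stored, leaving
            # an account that accepts an empty password.
            raise ValueError(_('The Password must be set'))
        email = self.normalize_email(email)
        # hash() replaces the deprecated encrypt() alias (passlib 1.7+); the
        # result is a salted one-way hash, not reversible encryption.
        hashed_password = pbkdf2_sha256.hash(password)
        user = self.model(email=email, password=hashed_password, **extra_fields)
        # Save through the database this manager is bound to.
        user.save(using=self._db)
        return user

    def create_superuser(self, email, password, **extra_fields):
        """
        Create and save a SuperUser with the given email and password.

        Raises:
            ValueError: if ``is_staff`` or ``is_superuser`` is passed as
                anything other than True.
        """
        extra_fields.setdefault('is_staff', True)
        extra_fields.setdefault('is_superuser', True)
        extra_fields.setdefault('is_active', True)

        # Reject explicit overrides that would yield an under-privileged "superuser".
        if extra_fields.get('is_staff') is not True:
            raise ValueError(_('Superuser must have is_staff=True.'))
        if extra_fields.get('is_superuser') is not True:
            raise ValueError(_('Superuser must have is_superuser=True.'))
        return self.create_user(email, password, **extra_fields)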

CodePudding user response:

I suggest that you use Django's own user model

https://docs.djangoproject.com/en/4.0/ref/contrib/auth/

If you need something that is not included you can customize it

https://docs.djangoproject.com/en/4.0/topics/auth/customizing/

CodePudding user response:

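Why not use the AbstractBaseUser class instead of models.Model to create the user model? Then call the set_password method in the user manager. set_password hashes the raw password with Django's configured password hasher, so the stored value is in the format that check_password and Django's auth forms expect.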
