-1
J'essaye de se connecter à l'authentification personnalisée avec un legacy database. Jusqu'à présent, je ne sais toujours pas comment le faire. Toutefois, lorsque je copie this example code et essaie d'écrire un exemple de code, cela peut fonctionner. Cependant, ma base de données héritée est le cryptage MD5. J'essaye maintenant de changer mon code d'échantillon au cryptage md5. Je viensAuthentification personnalisée avec l'administrateur django avec le cryptage md5
import hashlib
et #out
ReadOnlyPasswordHashField
et
class UserChangeForm:
changer le code
password = hashlib.md5()
admin.py
from django import forms
from django.contrib import admin
from django.contrib.auth.models import Group
from django.contrib.auth.admin import UserAdmin as BaseUserAdmin
#from django.contrib.auth.forms import ReadOnlyPasswordHashField
import hashlib
from .models import MyUser
class UserCreationForm(forms.ModelForm):
"""A form for creating new users. Includes all the required
fields, plus a repeated password."""
password1 = forms.CharField(label='Password', widget=forms.PasswordInput)
password2 = forms.CharField(label='Password confirmation', widget=forms.PasswordInput)
class Meta:
model = MyUser
fields = ('email', 'date_of_birth')
def clean_password2(self):
# Check that the two password entries match
password1 = self.cleaned_data.get("password1")
password2 = self.cleaned_data.get("password2")
if password1 and password2 and password1 != password2:
raise forms.ValidationError("Passwords don't match")
return password2
def save(self, commit=True):
# Save the provided password in hashed format
user = super(UserCreationForm, self).save(commit=False)
user.set_password(self.cleaned_data["password1"])
if commit:
user.save()
return user
class UserChangeForm(forms.ModelForm):
"""A form for updating users. Includes all the fields on
the user, but replaces the password field with admin's
password hash display field.
"""
#password = ReadOnlyPasswordHashField()
password = hashlib.md5()
class Meta:
model = MyUser
fields = ('email', 'password', 'date_of_birth', 'is_active', 'is_admin')
def clean_password(self):
# Regardless of what the user provides, return the initial value.
# This is done here, rather than on the field, because the
# field does not have access to the initial value
return self.initial["password"]
class UserAdmin(BaseUserAdmin):
# The forms to add and change user instances
form = UserChangeForm
add_form = UserCreationForm
# The fields to be used in displaying the User model.
# These override the definitions on the base UserAdmin
# that reference specific fields on auth.User.
list_display = ('email', 'date_of_birth', 'is_admin')
list_filter = ('is_admin',)
fieldsets = (
(None, {'fields': ('email', 'password')}),
('Personal info', {'fields': ('date_of_birth',)}),
('Permissions', {'fields': ('is_admin',)}),
)
# add_fieldsets is not a standard ModelAdmin attribute. UserAdmin
# overrides get_fieldsets to use this attribute when creating a user.
add_fieldsets = (
(None, {
'classes': ('wide',),
'fields': ('email', 'date_of_birth', 'password1', 'password2')}
),
)
search_fields = ('email',)
ordering = ('email',)
filter_horizontal =()
admin.site.register(MyUser, UserAdmin)
# ... and, since we're not using Django's built-in permissions,
# unregister the Group model from admin.
admin.site.unregister(Group)
cependant ,, quand je recréez un utilisateur et vérifier mon db il est encore montre pbkdf2 ?? ,,
Quelqu'un peut-il me dire comment changer de md5? Merci beaucoup!
[Ce n'est pas le cryptage] (https://paragonie.com/blog/2015/08/you-wouldnt-base64-a-password-cryptography-decoded). –
Je vous recommande d'utiliser le hachage par mot de passe fort (par exemple, bcrypt) et d'expirer tous les mots de passe des utilisateurs actuels. MD5 ne devrait jamais être utilisé pour hacher des mots de passe. – Mike
merci pour votre suggestion –