Unable to authenticate custom user in Django 3

0
votes

I am unable to authenticate custom user in django==3.1.3 Here is Custom User Manager:

from django.contrib.auth.base_user import BaseUserManager
from django.utils.translation import ugettext_lazy as _


class CustomUserManager(BaseUserManager):
    def create_user(self, username, email, password=None):
        if username is None:
            raise TypeError(_('Users should have a username.'))
        if email is None:
            raise TypeError(_('Users should have a Email.'))

        user = self.model(username=username, email=self.normalize_email(email))
        user.set_password(password)
        user.save()
        return user

    def create_superuser(self, username, email, password=None):
        if password is None:
            raise TypeError(_('Password should not be empty.'))

        user = self.create_user(username, email, password)
        user.is_superuser = True
        user.is_staff = True
        user.save()
        return user

Here's the CustomUser model:

from django.db import models
from django.contrib.auth.models import AbstractBaseUser
from .managers import CustomUserManager


class CustomUser(AbstractBaseUser):

    username = models.CharField(max_length=255, unique=True, db_index=True)
    email = models.EmailField(max_length=255, unique=True, db_index=True)
    is_verified = models.BooleanField(default=False)
    is_active = models.BooleanField(default=True)
    is_staff = models.BooleanField(default=False)
    created_at = models.DateTimeField(auto_now_add=True)
    updated_at = models.DateTimeField(auto_now=True)
    USERNAME_FIELD = 'email'
    REQUIRED_FIELDS = ['username']

    objects = CustomUserManager()

    def __str__(self):
        return self.email

I have added AUTH_USER_MODEL = 'authentication.CustomUser' in settings.py (authentication is the app name)

In the shell, if I run these, I get authenticated_user as None:


user = CustomUser.objects.create(email='[email protected]', username='tejas12', password='tejas12')
authenticated_user = authenticate(email='[email protected]', username='tejas12', password='tejas12')

However, the User gets created successfully with given details.

Also, check_password returns False:

from django.contrib.auth.hashers import check_password

user.check_password('tejas12') # returns False

On creating a user using python manage.py createsuperuser,

authenticate returns the required user, and check_password returns True

How should I authenticate the custom users?

1
pythondjango

1 Answers

0
votes

In your example, you create the user as a regular Django model which doesn't hash password properly

user = CustomUser.objects.create(email='[email protected]', username='tejas12', password='tejas12')

create_user method should be used instead

>>> second_user = CustomUser.objects.create_user(email='[email protected]', username='test', password='test_passwd')
>>> second_user.check_password('test_passwd')
True

Authentication uses default backend unless you specify your own and will rely on the USERNAME_FIELD and password

>>> from django.contrib.auth import authenticate
>>> authenticate(email='[email protected]', username='test', password='test_passwd')
>>> authenticate(email='[email protected]', password='test_passwd')
<CustomUser: [email protected]>