I'm extending User model in django and I'm not able to authenticate because of raw password

Question

So the problem is I have extended User model in django. and I have written views for it. Here is my models code :-

class StudentProfile(User):
    batch = models.CharField(max_length=10)
    course = models.CharField(max_length=20)
    date_of_birth = models.DateField()
    answer = models.CharField(max_length=20)
    contact = models.CharField(max_length=20)

here is my auth backend file :-

from quizapp.models import StudentProfile

class StudentAuthenticationBackend(object):
    def authenticate(self, username=None, password=None):
        try:
            student = StudentProfile.objects.get(username=username)
            if student.check_password(password):
                return student
        except StudentProfile.DoesNotExist:
            pass

        return None

    def get_user(self, user_id):
        try:
            return StudentProfile.objects.get(pk=user_id)
        except StudentProfile.DoesNotExist:
            return None

And I have made changes in seetings.py

AUTHENTICATION_BACKENDS = (
    'quizapp.backends.StudentAuthenticationBackend',
    'django.contrib.auth.backends.ModelBackend',
)

I'm printing username,password and authentication user. This is what i got :-

When using django created superuser

>> a = authenticate(username="super",password="super")
>> print(a)
>> super

But when using user created by form,

>> b = authenticate(username="test",password="123")
>> print(b)
>> None

I have cross checked username and password and it's true. So but in auth_user table, username is super and password is encrypted but for test user, username is user and password is 123.

So the problem must be django is taking 123 is encrypted password and using decrypted version of it to authenticate.

Is there any way to solve this?

I have used OneToOneField and added extra fields in StudentProfile model. Now I'm using forms and registering user with it.

This is the view code :-

def register_page(request):
    if request.method == 'POST':
        form = RegistrationForm(request.POST)
            if form.is_valid():
                user = StudentProfile.objects.create(
                  username=form.cleaned_data['username'],
                  password=form.cleaned_data['password1'],
                  batch=form.cleaned_data['batch'],
                  first_name=form.cleaned_data['first_name'],
                  last_name=form.cleaned_data['last_name'],
                  course=form.cleaned_data['course'],
                  date_of_birth=form.cleaned_data['date_of_birth'],
                  secret_question=form.cleaned_data['secret_question'],
                  answer=form.cleaned_data['answer'],
                  contact=form.cleaned_data['contact']
                 )
                return HttpResponseRedirect('/register/success/')
   else:
       form = RegistrationForm()

     variables = RequestContext(request, {'form': form})
     return render_to_response('registration/register.html',variables)

And I'm getting IntegrityError at /register/ null value in column "user_id" violates not-null constraint error. Is there any way to fix this?

Answer 1

From the Django authenication docs section on storing additional information about users:

If you'd like to store additional information related to your users, Django provides a method to specify a site-specific related model -- termed a "user profile" -- for this purpose.

To make use of this feature, define a model with fields for the additional information you'd like to store, or additional methods you'd like to have available, and also add a OneToOneField named user from your model to the User model. This will ensure only one instance of your model can be created for each User.

So you shouldn't subclass User at all -- that's the root of your problem. Instead, you should create another model with a one-to-one relationship with User and add your fields there.