Whether the password stores in the keystone's password table, and if is, how does the password maps the user's password?

Question

Where is the user's password is store ?

I can not find in the keystone's user table:

But I can find in the keystone's password table:

does the password is map the user's password?

My question is :

Whether the password stores in the keystone's password table? and if is, how does the password maps the user's password? and does the password's encrypted? I never see this type password.

I never see this type password. because I use the openstacksdk register a project and user, I can not login. I don't know why. So, I want to get some idea about it here.

---

My project's django code is bellow, use openstacksdk to register:

def register(request):

    if request.method == 'GET':
        return render(request, 'frontend/register.html')
    elif request.method == 'POST':

        username = request.POST.get('username')
        password = request.POST.get('password')
        phone = request.POST.get('phone')
        email = request.POST.get('email')
        usertype = 1

        app_user_params = {

            "username":username,
            "password":hashlib.sha1(password).hexdigest(), # sha1加密
            "phone":phone,
            "email":email,
            "usertype":usertype
        }

        user_form = UserMF(app_user_params)

        if user_form.is_valid():

            obj_user = models.User.objects.filter(username=username)
            obj_phone = models.User.objects.filter(phone=phone)
            obj_email = models.User.objects.filter(email=email)


            # 使用admin用户创建project和user

            from openstack import connection

            connection = connection.Connection(**settings.ADMIN_OPENRC)

            admin_conn = OpenstackConn.OpenstackAdminConn()
            admin_conn.admin_conn = connection

            # 创建项目(先创建项目,再创建用户)
            project_params = {
                "description":username+"'s project",
                "is_domain":False,
                "enable":False,  # I set True still has this issue.
                "name":username,  # 给的是用户名，也是唯一的
            }

            try:
                new_project = admin_conn.admin_conn.identity.create_project(**project_params)  # create_project

                print (new_project, new_project.id, "new project created")
            except Exception as e:
                print (e.message)
                return HttpResponse(json.dumps({'status_code':0,'info':e.message.encode('utf-8')}))

            # 创建 openstack_cloud user
            user_params = {
                "default_project_id":new_project.id,
                "email":email,
                "enabled":False,
                "name":username,
                "password":password
            }

            try:
                new_user = admin_conn.admin_conn.identity.create_user(**user_params)
                print (new_user, new_user.id, "new user created")
            except Exception as e:
                admin_conn.admin_conn.identity.delete_project(new_project)
                print (e.message)
                return HttpResponse(json.dumps({'status_code': 0, 'info': e.message.encode('utf-8')}))

I don't know whether I write wrong, or password will encrypt.

---

EDIT-1

I print the new created user, and user.id:

(openstack.identity.v3.user.User(name=liaodalin15, links={u'self': u'http://controller:5000/v3/users/66c60156d0f24a118df54f19e2705aaf'}, enabled=False, domain_id=default, email=xxxxxxxxx@126.com, default_project_id=a829eda8c4de479d8ca5c3a4335c793a, password=liaodalin15, id=66c60156d0f24a118df54f19e2705aaf, password_expires_at=None), u'66c60156d0f24a118df54f19e2705aaf')

Seems the password did now encrypt.  Does this should encrypt by ourself? 

Answer 1

In the end, I figured out the issue:

Because use openstacksdk create user default is disabled, so I should eable it.