CODEWITHSUNDEEP
pythondjango
user9092892
user9092892

Reputation:

My password is stored inside the email field in Django admin

I have this view that stores data for 2 forms. The data for my second form is fine. But for the main User form, I just want to store the username, password and have a password confirmation. When a user is created, password gets stored inside the email field for some reason.

class UserForm(forms.ModelForm):
    password = forms.CharField(label='Password', max_length=32, required=True, widget=forms.PasswordInput)
    confirm_password = forms.CharField(label='Confirm', max_length=32, required=True, widget=forms.PasswordInput, help_text="Passwords must match!")

    def clean(self):
        cleaned_data = super(UserForm, self).clean()
        password = cleaned_data.get("password")
        confirm_password = cleaned_data.get("confirm_password")

        if password != confirm_password:
            raise forms.ValidationError(
                "password and confirm_password does not match"
            )

    class Meta:
        model = User
        fields = ('username', 'password')
        exclude = ('email',)

def student_register(request, user):
    data = dict()
    if request.method == 'POST':
        form1 = UserForm(request.POST)
        form2 = StudentForm(request.POST, request.FILES)
        if form1.is_valid() and form2.is_valid():
            cd1 = form1.cleaned_data
            user.username = cd1["username"]
            user.password = cd1["password"]
            user.confirm_password = cd1["confirm_password"]
            new_user = User.objects.create_user(user.username, password, confirm_password)
            new_user.save()
            cd2 = form2.cleaned_data
            name = cd2['name']
            surname = cd2['surname']
            email = cd2['email']
            phone = cd2['phone']
            student_id = cd2['student_ID']
            photo = cd2['photo']
            Student.objects.create(user=new_user, name=name, surname=surname, email=email, phone=phone,
                                   student_ID=student_id, photo=photo)
            return redirect('index')
    else:
        form1 = UserForm()
        form2 = StudentForm()
    data['form1'] = form1
    data['form2'] = form2
    return render(request, "student_signup_form.html", data)

Upvotes: 1

Views: 192

Answers (2)

user2390182
user2390182

Reputation: 73460

Extract from the source of UserManager:

class UserManager(BaseUserManager):
    # ....
    def create_user(self, username, email=None, password=None, **extra_fields):
        # ....

Note how you call User.objects.create_user(...) with password as second argument. As you can see from the signature of that method, password is passed as email. confirm_password should not be passed in there at all:

new_user = User.objects.create_user(user.username, password=password)

Upvotes: 0

Alasdair
Alasdair

Reputation: 308849

The second argument of the create_user method is email. Change your code so that you pass password as a keyword argument. You don't need confirm_password on that line.

new_user = User.objects.create_user(user.username, password=password)

Upvotes: 2

Related Questions