Почему django принимает два разных пароля? Никаких ошибок

Почему этот код принимает и пароль, и поле confirm_password? без ошибок Вот первый файл models.py: (отступ здесь не проблема)

from django.db import models
from django.contrib.auth.models import AbstractBaseUser
from .managers import UserManager
from django.utils.translation import ugettext_lazy as _

# Create your models here.
ROLES = (
    ('Customer', 'Customer'), ('Vendor', 'Vendor')
)
class User(AbstractBaseUser):
    email = models.EmailField(verbose_name='Email Address', max_length=255, unique=True)
    first_name = models.CharField(max_length=255)
    last_name = models.CharField(max_length=255)
    active = models.BooleanField(default=True)
    staff = models.BooleanField(default=False)
    admin = models.BooleanField(default=False)
    role = models.CharField(max_length=15, choices=ROLES)
USERNAME_FIELD = 'email'
REQUIRED_FIELDS = ['first_name', 'last_name']

objects = UserManager()

def __str__(self):
    return self.email

def get_name(self):
    return self.first_name + ' ' + self.last_name

def get_role(self):
    return self.role

def has_perm(self, perm, obj=None):
    return True

def has_module_perms(self,  app_label):
    return True

@property
def is_staff(self):
    return self.staff

@property
def is_admin(self):
    return self.admin

@property
def is_active(self):
    return self.active

Затем менеджер для модели пользователя: Здесь я просто принимаю данные и создаю только учетные записи.

from django.contrib.auth.models import BaseUserManager
from django.db import models
from django.utils.translation import ugettext_lazy as _

class UserManager(BaseUserManager):

use_in_migrations = True

def _create_user(self, email, password, **extra_fields):
    if not email:
        raise ValueError('User must have an Email Address')
    user = self.model(email=self.normalize_email(email), **extra_fields)
    user.set_password(password)
    user.save(using=self._db)
    return user

def create_user(self, email, password, **extra_fields):
    extra_fields.setdefault('staff', False)
    extra_fields.setdefault('admin', False)
    return self._create_user(email, password, **extra_fields)

def create_superuser(self, email, password, **extra_fields):
    extra_fields.setdefault('staff', True)
    extra_fields.setdefault('admin', True)

    if extra_fields.get('staff') is not True:
        raise ValueError('Superuser must have "staff" = True')
    if extra_fields.get('admin') is not True:
        raise ValueError('Superuser must have "admin" = True')
    return self._create_user(email, password, **extra_fields)

Здесь я хочу создать модельные формы для создания учетных записей пользователей. Вот файл forms.py:

from django import forms
from django.contrib.auth.forms import ReadOnlyPasswordHashField
from .models import User

class RegistrationForm(forms.ModelForm):
    password = forms.CharField(widget=forms.PasswordInput)
    password2 = forms.CharField(label='Confirm Password', widget=forms.PasswordInput)

    class Meta:
        model = User
        fields = ('email', 'first_name', 'last_name', 'role', 'password', 'password2')

    def clean_email(self):
        email = self.cleaned_data.get('email')
        qs = User.objects.filter(email=email)
        if qs.exists():
            raise forms.ValidationError('Email is already taken, try another email')
        return email

    def clean_password2(self):
        password = self.cleaned_data.get('password')
        password2 = self.cleaned_data.get('password2')

        if password and password2 and  password != password2:
            raise forms.ValidationError('Passwords did not match, try again')
        return password

class UserAdminCreationForm(forms.ModelForm):
    password = forms.CharField(widget=forms.PasswordInput)
    password2 = forms.CharField(label='Confirm Password', widget=forms.PasswordInput)

    def clean_password2(self):
        password = self.cleaned_data.get('password')
        password2 = self.cleaned_data.get('password2')
        if password and password2 and password != password2:
            raise forms.ValidationError('Passwords did not match, try again')
        return password

    def save(self, commit=True):
        user = super(UserAdminCreationForm, self).save(commit=False)
        user.set_password(self.cleaned_data['password'])
        if commit:
            user.save()
        return user


class UserAdminChangeForm(forms.ModelForm):
    password = ReadOnlyPasswordHashField()

    class Meta:
        model = User
        fields = ('email', 'first_name', 'last_name', 'role', 'password', 'admin', 'staff')

    def clean_password(self):
        return self.initial['password']

Наконец, вот файл просмотров:

from django.shortcuts import render, redirect
from .models import User
from .forms import RegistrationForm
from django.contrib import messages
from .models import User
from django.contrib.auth import authenticate, login, logout
from django.contrib.auth.decorators import login_required
import logging

logger = logging.getLogger(__name__)

# Create your views here.
def register(request):
    form = RegistrationForm()

    if request.method == 'POST':
        form = RegistrationForm(request.POST)
        if form.is_valid():
            email = form.cleaned_data['email']
            first_name = form.cleaned_data['first_name']
            last_name = form.cleaned_data['last_name']
            password = form.cleaned_data['password']
            role = form.cleaned_data['role']
            user = User.objects.create_user(
                email=email,
                password=password,
                first_name=first_name,
                last_name=last_name,
                role=role,
            )
            logger.info('New account created by {0} {1} with email:{2} as {3}'.format(
                first_name, last_name, email, role
            ))
            messages.success(request, 'Hi, ' + first_name + ', your account is created successfully!')
            return redirect('/')
    context = {'form': form,}
    return render(request, 'user/register.html', context)

def user_login(request):
    if request.method == 'POST':
        email = request.POST.get('email')
        password = request.POST.get('password')
        user = authenticate(request, email=email, password=password)
        if user is not None:
            login(request, user)
            return redirect('user:home')
        else:
            messages.warning(request, 'Email or Password is incorrect, try again')
    context = {}
    return render(request, 'user/login.html', context)

def user_logout(request):
    logout(request)
    return redirect('user:login')

@login_required(login_url='user:login')
def home(request):
    users = User.objects.all()
    context = {'users': users}
    return render(request, 'user/home.html', context)
Источник

1 ответ

Решение

Я не вижу поля password2 в вашей регистрационной форме. Скорее всего, пароля нет2 и, согласно написанному вами коду, условие "пароли равны или нет" будет проверено, если указаны оба пароля. Так как пароль2 не существует, следующее "условие if" всегда ложно. Следовательно, ошибка проверки не возникает и пароль возвращается каждый раз.

if password and password2 and password != password2:
            raise forms.ValidationError('Passwords did not match, try again')
return password
Источник
Другие вопросы по тегам