What is the view code that you are calling to actually create the user? I suspect you are simply doing something like:
user.password = <password value from POST>
That will store the password in plain text in the DB, but Django is expecting it to be hashed, so it never matches.
You should be using either the create_user() shortcut or using the set_password() method on the user object. See this:
https://docs.djangoproject.com/en/1.8/topics/auth/default/#changing-passwords
-James
Hello,--I am following instructions under https://django-oauth-toolkit.readthedocs.org/en/latest/rest-framework/getting_started.htmlI am having trouble with creating a user with encrypted password.I am able to create a user with the callcurl -H "Authorization: Bearer lXbYKZqnPeqOyYaHyB3EOAvcMny13j" -X POST -d"username=foo1&password=bar1&first_name=foo1&email=" http://${endpoint}/users/
{"id":30,"password":"bar1","last_login":null,"is_superuser":false,"username":"foo1","first_name":"foo1","last_name":"","email":"","is_staff":false,"is_active":true,"date_joined":"2015-04-30T07:26:00.857445Z","groups":[],"user_permissions":[]}(env)
As you can see, it is creating a new user but the password is in clear text.
As a result, I am unable to get a user token
curl -X POST -d "grant_type=password&username=foo1&password=bar1&scope=read" -u"${clientid}:${clientsecret}" http://${endpoint}/o/token/
{"error_description": "Invalid credentials given.", "error": "invalid_grant"}(env)
I sort of found a workaround. I can go in as admin to the console and change the user password manually. This seem to store the password as encrypted. How do I sole this via api calls?
I am sure I am missing something. Appreciate if someone could unblock me.
- Shekar
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/ee2bc7a2-9103-41ec-8328-7db20a91c062%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CA%2Be%2BciX7U%2BfyHQAiAS4XEauUqWKru_jA5bK6NUcQEKuHgbHKVA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
No comments:
Post a Comment