On 10/03/2021 07.54, Kevin Thomas wrote:
> I am creating a web app and I need to authenticate the login. The
> username and password is already stored in mysql database. Can I use
> django for authentication of existing data? It will be great help if
> anyone knows the answer.
>
You can:
https://docs.djangoproject.com/en/3.1/topics/auth/customizing/
The tricky part will most likely the password handling. Hopefully the
passwords are not stored in clear text in the database in which case you
need to figured out how they are hashed and salted.
If the passwords are in clear text, you should export the user database,
reimport them in using standard Django auth and inform all users that
their accounts are potentially compromised and they should change their
password ASAP.
The last part is not only the right thing to do, but to the best of my
knowledge also a legal requirement, at least within the EU (GDPR).
Kind regards,
Kasper Laudrup
--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/15ef1bcf-e6e0-6014-917b-de2688bbb2d7%40stacktrace.dk.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment