0

I am not really understanding why I am unable to login as a user that I created using Django REST Framework. I am using the User Model from django.contrib.auth.models import User.

I am spinning up the server locally, and can log in with a superuser that I created and access the data I want to, but I have created the API such that I can create Users through the browsable API, and I wish to log in with one of those users. However I am not able to.

Any suggestions? For the picture below, I would not be able to login using 'test' username, and 'test123' password.

This is the error when trying to log in. Please enter a correct username and password. Note that both fields may be case-sensitive.

enter image description here

SERIALIZER

class UserSerializer(serializers.HyperlinkedModelSerializer):
    ideas = serializers.HyperlinkedRelatedField(many=True, view_name='idea-detail', read_only=True, allow_null=True)
    ideacomments = serializers.HyperlinkedRelatedField(many=True, view_name='ideacomment-detail', read_only=True,
                                                       allow_null=True)

    class Meta:
        model = User
        fields = ('url', 'id', 'username', 'password', 'email',
                  'first_name', 'last_name',
                  'date_joined', 'ideas', 'ideacomments')

VIEW

class UserViewSet(MultipleFieldLookupMixin, viewsets.ModelViewSet):
    """
    This viewset automatically provides `list` and `detail` actions.
    """
    queryset = User.objects.all()
Improve this question
4
  • Is there an error that is being given? Commented Dec 23, 2016 at 23:06
  • Please enter a correct username and password. Note that both fields may be case-sensitive. Commented Dec 23, 2016 at 23:22
  • Are you using a custom User model? Commented Dec 23, 2016 at 23:26
  • I am using the User model found in from django.contrib.auth.models import User package. Commented Dec 23, 2016 at 23:27

2 Answers 2

Reset to default
1

The picture you posted shows a list of your users, right? I'm wondering why the password is shown in clear. Normally Django does not store passwords themselves but hashes. So maybe that's the problem? Did you use the User model's set_password function when creating the user?

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

I did not, but I was still able to create these records. The one user I created using the 'python create superuser' command does actually have a large hashed password. These were created using the Web GUI and the a web request to 127.0.0.1/users/ with json for a User.
The Rest Framework does not "translate" the passwords to the required hashes. You have to do it yourself. Write your own POST handler and use the USER model's set_password (just like explained by Md. Al-Amin). You might find this helpful: django-rest-framework.org/tutorial/3-class-based-views
Even if I translate the passwords, and store them as hashes, why would that work? They are being stored as plain text.
crystalAhmet - I did what you said, and it does in fact work.
0

Make sure you are saving password correctly. Django store password as hash not in plain text format.

Example: creating a new user. 

user = User.objects.create(username='testuser')
user.set_password('testpass')
user.save()
Improve this answer

1 Comment

I don't do any of that, I think it may be handled by the Django Rest Framework. I posted the View/Serializer I use. All the Users I created through the Web GUI, or through Postman using the URL 127.0.0.01/users/

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.