2

I want to insert from a Django into another Django database from other domain a proper password text in auth_user table.

I have tried to generate a encrypt function but I don't know how Django generates a password from plain text into hashed password that is stored in database.

postgres_insert_query = """
          INSERT INTO auth_user (username, first_name, last_name, email, password) VALUES (%s,%s,%s,%s,%s)
        """
        record_to_insert = (username, first_name, last_name, email, password)
        cursor.execute(postgres_insert_query, record_to_insert)
        connection.commit()
        cursor.close()
Improve this question
5
  • Is there a specific reason why you do not use Django's ORM. It has builtin support for setting passwords. Commented Jul 28, 2019 at 9:48
  • @WillemVanOnsem Yes, My Django application generates/edits/removes users from another Django application. It is not the case of more than one database in settings.py of the same application. Commented Jul 28, 2019 at 9:50
  • then it might be better to call the management command to create a user I think, for example with django-createuser. Commented Jul 28, 2019 at 9:51
  • @WillemVanOnsem This tool is useful for shell scripts in a server to generate users, but my Django application is in one server, and the other Django application where I insert the users is placed in other server. Commented Jul 28, 2019 at 9:53
  • well the hashing algorithm is not fixed. You can change it by altering the PASSWORD_HASHERS setting: docs.djangoproject.com/en/2.2/topics/auth/passwords/… and therefore even if you manage to get it working, later it might fail, because the settings have changed. Commented Jul 28, 2019 at 9:55

1 Answer 1

Reset to default
1

The set_password method of your User model will allow you to access both the raw password, and the hashed password. Here is an example:

class User(AbstractBaseUser, PermissionsMixin):
    [...fields...]
    def set_password(self, raw_password):
        # Update the password in the current Django Project
        super().set_password(raw_password)

        # Insert the password into the other database
        cursor = connections["otherdb"].cursor()
        postgres_insert_query = """
          INSERT INTO auth_user
          (username, first_name, last_name, email, password)
          VALUES (?, ?, ?, ?, ?)
        """
        cursor.execute(
            postgres_insert_query,
            [self.username, self.first_name, self.last_name, self.email, self.password]
        )
        cursor.close()

In the example, we have access to the raw_password, and after called set_password(), we have access to the hashed password in self.password. This method will be called every time a user is created or modified within the ORM. For example, I've used this method for updating a hashed password in LDAP whenever it is changed in Django, by the end user or an administrator. Good luck!

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.