0

I am beginner in django and I want to build authentication using custom user model. I have asked question Here. I have been advised to inherit the User Model.

I created custom user model. As all the password are stored using bcrypt function so I created my own custom authentication. Now every time I login, I am getting None even if my password is correct. I want to know what I am missing?

models.py


class AdminUserManager(BaseUserManager):
    def create_user(self, username, password):
        if username is None or password is None:
            raise ValueError("Username and Password is Required")
        else:
            user = self.model(
                username = username,
                password = str(bcrypt.hashpw(password.encode('utf8'),bcrypt.gensalt()),'utf-8')
            )
            user.save(using=self.db)
            return user



class AdminUsers(AbstractBaseUser):
    username=models.CharField(max_length=50,unique=True)
    firstname=models.CharField(max_length=50)
    department=models.CharField(max_length=50)
    mail=models.CharField(max_length=50)
    id=models.IntegerField(primary_key=True)
    password=models.CharField(max_length=200)
    # some more field
    USERNAME_FIELD = 'username'
    REQUIRED_FIELDS = ['mail']

    objects = AdminUserManager()
    class Meta:
        db_table="admin_users"

    def __str__(self):
        return self.username

backend.py

from .models import AdminUsers
import bcrypt

class CustomAuthentication(object):
    def authenticate(self,username,password):
        if username is not None and password is not None:
            user = AdminUsers.objects.get(username=username)
            hashed_password = user.password
            is_check = bcrypt.checkpw(password.encode('utf8'),hashed_password.encode('utf8'))
            if is_check == True:
                return user
            else:
                return None
        else:
            return None
    
    def get_user(self,id):
        user = AdminUsers.objects.get(id=id)
        if user is not None:
            return user
        else:
            return None

views.py

def login(request):
    if request.method == 'POST':
        username = request.POST.get('username')
        password = request.POST.get('password')
        if username is not None and password is not None:
            is_check = authenticate(username=username,password=password)
            # user=AdminUsers.objects.get(username=username)
            # print(user.username,user.password)
            # hashed_password = user.password
            # is_check = bcrypt.checkpw(password.encode('utf8'),hashed_password.encode('utf8'))
            print(is_check)
            if is_check==True:
                return render(request,'Layouts/nav-side-bar.html',context={"User":is_check})
            else:
                return render(request,'AdminUsers/login.html')
    return render(request,'AdminUsers/login.html')

I have added AUTHENTICATION_BACKENDS and AUTH_USER_MODEL in settings.

*** Edit 1 ***

to check whether my CustomAuthentication is working or not, In authenticate function I commented some parts and return user without checking password. I am still getting None. What I understand from this, my customauthentication is not being used for authentication.

def authenticate(self,username,password):
        if username is not None and password is not None:
            user = AdminUsers.objects.get(username=username)
            return user
            # hashed_password = user.password
            # is_check = bcrypt.checkpw(password.encode('utf8'),hashed_password.encode('utf8'))
            # if is_check == True:
            #     return user
            # else:
            #     return None
        else:
            return None
Improve this question

1 Answer 1

Reset to default
1

I made mistake while creating CustomAuthentication. On creating CustomAuthentication I have to inherit the BaseBackend as given in Documentation. So backend.py should look like this. I hope it helps some one else facing same problem.

from django.db import models
from django.db.models.base import Model
from .models import AdminUsers
import bcrypt
from django.contrib.auth.backends import BaseBackend

class CustomAuthentication(BaseBackend):
    def authenticate(self,request,username=None,password=None):
        if username is not None and password is not None:
            user = AdminUsers.objects.get(username=username)
            hashed_password = user.password
            is_check = bcrypt.checkpw(password.encode('utf8'),hashed_password.encode('utf8'))
            if is_check == True:
                return user
            else:
                return None
        else:
            return None
    
    def get_user(self,user_id):
        user = AdminUsers.objects.get(id=user_id)
        if user is not None:
            return user
        else:
            return None
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.