我尝试按任何用户错误登录时出错
未知的密码哈希算法'sahar'。您是否在PASSWORD_HASHERS设置中指定了它?
views.py
def Login(request):
state = "Please log in below..."
username = password = ''
if request.method == 'POST':
username = request.POST['username']
password = request.POST['password']
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
login(request, user)
return HttpResponseRedirect('/profile/')
else:
return render_to_response('auth.html',RequestContext(request))
else:
return render_to_response('auth.html',RequestContext(request))
else:
return render_to_response('auth.html',RequestContext(request)
这意味着存储了一个纯文本'sahar'作为尝试登录的用户帐户的密码。
在Admin或manage.py shell中更新用户的密码
user = User.objects.get(username=username)
# use set_password method
user.set_password('sahar')
user.save()
# INSTEAD OF
user.password = 'sahar'
user.save()
还要检查您的其他视图以更正user.password = '...'和User.objects.create(password='...')用法。
这是保存登录详细信息的最佳方法,您可以从表单中创建对象
user = form.save(commit=False)
然后清理数据以删除在表单字段中输入的任何脚本。
username = form.cleaned_data['username']
password = form.cleaned_data['password']
user.set_password(password)
user.save()