Not able to authenticate with correct username and password in Django?

问题

I am using Django 1.5. My user model is:

class User(AbstractBaseUser):
    #id = models.IntegerField(primary_key=True)
    #identifier = models.CharField(max_length=40, unique=True, db_index=True)
    username = models.CharField(max_length=90, unique=True, db_index=True)
    create_time = models.DateTimeField(null=True, blank=True)
    update_time = models.DateTimeField(null=True, blank=True)
    email = models.CharField(max_length=225)
    #password = models.CharField(max_length=120)
    external = models.IntegerField(null=True, blank=True)
    deleted = models.IntegerField(null=True, blank=True)
    purged = models.IntegerField(null=True, blank=True)
    form_values_id = models.IntegerField(null=True, blank=True)
    disk_usage = models.DecimalField(null=True, max_digits=16, decimal_places=0, blank=True)
    #last_login = models.DateTimeField()

    objects = UserManager()
    USERNAME_FIELD = 'username'
    class Meta:
        db_table = u'galaxy_user'

I am not able to authenticate with correct username and password. My login function is:

def login_backend(request):
    if request.method == 'POST':
        username = request.POST['username']
        password = request.POST['password']
        user = authenticate(username=username, password=password)
        if user is not None:
            login(request, user)
            return HttpResponseRedirect('/overview/')
        else:
            return HttpResponseRedirect('/login_backend/')
    else:
        return render_to_response('login_backend.html', context_instance=RequestContext(request))

What am I doing wrong?

回答1:

First update your User model, it has no password. Your email field is not charfield I think it's EmailField and your password is not a charfield also. Please search for the correct field. Password must be hash...

backend.py

from django.conf import settings
from app_name.models import User

class AuthBackend:
    def authenticate(self, username=None, password=None):
        if '@' in username:
            kwargs = {'email': username}
        else:
            kwargs = {'username': username}
        try:
            user = User.objects.get(**kwargs)
            if user.check_password(password):
                return user
        except User.DoesNotExist:
            return None

    def get_user(self, user_id):
        try:
            return User.objects.get(pk=user_id)
        except User.DoesNotExist:
            return None

Create "check_password" function via model. The way this check is, the input password must be hash before comparing it to the password that is being save in the database.

Update settings.py

AUTHENTICATION_BACKENDS = (
    'app_name.backend.AuthBackend',
    'django.contrib.auth.backends.ModelBackend',
)

回答2:

Did you configure the user model in settings.py ?

AUTH_USER_MODEL = 'myapp.User'

If you have already ran syncdb you'll have to drop your database and run it again. See : https://docs.djangoproject.com/en/1.5/topics/auth/customizing/#substituting-a-custom-user-model

来源：https://stackoverflow.com/questions/14830260/not-able-to-authenticate-with-correct-username-and-password-in-django