无效的密码格式或未知的散列算法

时间:2012-05-10 13:13:44

标签: django

我网站上的一位用户最近设法在尝试登录时触发此追溯。在Django Admin中,他的密码为Invalid password format or unknown hashing algorithm.

我不知道是什么导致了这一点。到目前为止,这是一个孤立的案例,我和其他用户已成功注册并登录该网站。

回溯 

Traceback (most recent call last):

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/core/handlers/base.py", line 111, in get_response
   response = callback(request, *callback_args, **callback_kwargs)

 File "/var/git/bbox/userprofile/views.py", line 67, in login_view
   if form.is_valid():

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/forms/forms.py", line 124, in is_valid
   return self.is_bound and not bool(self.errors)

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/forms/forms.py", line 115, in _get_errors
   self.full_clean()

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/forms/forms.py", line 271, in full_clean
   self._clean_form()

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/forms/forms.py", line 299, in _clean_form
   self.cleaned_data = self.clean()

 File "/var/git/bbox/userprofile/forms.py", line 83, in clean
   self.user_cache = authenticate(username=username, password=password)

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/contrib/auth/__init__.py", line 45, in authenticate
   user = backend.authenticate(**credentials)

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/contrib/auth/backends.py", line 15, in authenticate
   if user.check_password(password):

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/contrib/auth/models.py", line 304, in check_password
   return check_password(raw_password, self.password, setter)

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/contrib/auth/hashers.py", line 42, in check_password
   hasher = get_hasher(algorithm)

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/contrib/auth/hashers.py", line 115, in get_hasher
   "setting?" % algorithm)

ValueError: Unknown password hashing algorithm ''. Did you specify it in the PASSWORD_HASHERS setting?

2 个答案:

答案 0 :(得分:5)

不是将密码设置为空字符串,而是使用set_unusable_password() method of User model将密码设置为不可用:

user.set_unusable_password()

请参阅文档中的更多内容:https://docs.djangoproject.com/en/dev/topics/auth/#django.contrib.auth.models.User.set_unusable_password

答案 1 :(得分:0)

原来用户是“邀请”用户。在我的邀请代码中,我使用这段代码创建了用户:

    user = User.objects.create(
            username=cd['email'],
            email=cd['email'],
            first_name=cd['first_name'],
            last_name=cd['last_name'],
            is_active=False)

如您所见,我没有设置密码。修复方法是应用临时密码,因为用户在到达电子邮件中发送给他的验证链接后将被要求创建新密码。

    # set a random pw. user will be prompted to change
    # on log in
    user.set_unusable_password()
    user.save()

所以基本上,如果您创建一个用户对象而不设置密码并尝试将他登录到您的站点(使用django的auth系统),您将获得此回溯。

相关问题
最新问题