保存Django用户表单而不更改密码

时间:2015-05-07 12:52:38

标签: django django-registration

我正在维护一个Django应用程序并遇到一个错误,如果用户编辑他们的个人资料,那么他们的密码已损坏;似乎没有使用set_password,因此密码设置为未加密的值,该值在表单中是硬编码的。我不清楚如何改变现有的设置来解决这个麻烦,并欢迎任何建议。更新代码如下所示:

  <global>
    <blocks>
      <mobilepay>
        <class>DevilfishMedia_MobilePay_Block</class>
      </mobilepay>
    </blocks>
    <helpers>
      <mobilepay>
        <class>DevilfishMedia_MobilePay_Helper</class>
      </mobilepay>
    </helpers>
    <models>
      <mobilepay>
        <class>DevilfishMedia_MobilePay_Model</class>
        <resourceModel>mobilepay_mysql4</resourceModel>
      </mobilepay>
            <payment>
                <rewrite>
                    <method_abstract>DevilfishMedia_MobilePay_Model_Payment_Method_Abstract</method_abstract>
                </rewrite>
            </payment>
    </models>
  </global>

然后,导致问题的用户窗体包含这个奇怪的代码:

@login_required
def profile(request):
    user = request.user
    profile, created = UserProfile.objects.get_or_create(user=user)

    if request.method == 'POST':
        userform = UserForm(request.POST, instance=user)
        profileform = ProfileForm(request.POST, instance=profile)

        if profileform.is_valid():
            profileform.save()
        if userform.is_valid():
            userform.save()

        return redirect('user_profile_page')
    else:
        profileform = ProfileForm(instance=profile)
        userform = UserForm(instance=user)
        render(request, 'profiles/edit_profile.html', {'profileform': profileform, 'userform': userform})

return render(request, 'profiles/edit_profile.html', {'profileform': profileform, 'userform': userform})

我不确定密码的值是什么意思。无论如何,我试图通过在UserForm中添加以下内容来修改它:

class UserForm(forms.ModelForm):
    class Meta:
        model = User
        exclude = ('last_login', 'date_joined', 'is_active', 'is_superuser', 'is_staff')

    username = forms.CharField(widget=forms.TextInput(attrs={'readonly': 'readonly'}))

    password = forms.CharField(widget=forms.PasswordInput(attrs={'readonly': 'readonly', 'value': '00000000000000000'}))

我也没有运气,如果我只是从userform或相关的html中省略密码字段,那么表单就不会验证。

def save(self, commit=True):
    user = super(UserForm, self).save(commit=False)
    password = self.cleaned_data["password"]
    if len(password) > 0 and password != '00000000000000000':
        user.set_password(self.cleaned_data["password"])
    if commit:
        user.save()
    return user

有人可以建议如何清理它吗?

1 个答案:

答案 0 :(得分:2)

使用单独的表单编辑密码并将其从此密码中删除。将password添加到exclude列表并删除字段声明。

相关问题
最新问题