Question

我使用 django 3.1 和 python 3.8 为我的 django 项目创建了一个自定义用户。显然，登录系统一直说密码不正确，但如果我使用管理站点登录，它仍然有效。

我安装的应用程序是

INSTALLED_APPS = [
    "users.apps.UsersConfig",
    "country.apps.CountryConfig",
    "clients.apps.ClientsConfig",
    # "customers.apps.CustomersConfig",
    "agents.apps.AgentsConfig",
    "products.apps.ProductsConfig",
    "quotes.apps.QuotesConfig",
    "providers.apps.ProvidersConfig",
    # 'countries',
    "banks.apps.BanksConfig",
    "django.contrib.admin",
    "django.contrib.auth",
    "django.contrib.contenttypes",
    "django.contrib.sessions",
    "django.contrib.messages",
    "django.contrib.staticfiles",
    "vidabot.apps.VidabotConfig",
    "crispy_forms"    
]

我还创建了一个自定义用户模型和一个自定义用户管理器，如下所示：

from django.db import models
from django.contrib.auth.models import AbstractUser
from django.utils.translation import ugettext_lazy as _
from django.contrib.auth.base_user import BaseUserManager
from django.conf import settings
from PIL import Image

from phonenumber_field.modelfields import PhoneNumberField

class CustomUserManager(BaseUserManager):
    """
    Custom user model manager where email is the unique identifiers
    for authentication instead of usernames.
    """

    def create_user(self, email, password, **extra_fields):
        """
        Create and save a User with the given email and password.
        """
        if not email:
            raise ValueError(_("The Email must be set"))
        email = self.normalize_email(email)
        user = self.model(email=email, **extra_fields)
        user.set_password(password)
        user.save()
        return user

    def create_superuser(self, email, password, **extra_fields):
        """
        Create and save a SuperUser with the given email and password.
        """
        extra_fields.setdefault("is_staff", True)
        extra_fields.setdefault("is_superuser", True)
        extra_fields.setdefault("is_active", True)

        if extra_fields.get("is_staff") is not True:
            raise ValueError(_("Superuser must have is_staff=True."))
        if extra_fields.get("is_superuser") is not True:
            raise ValueError(_("Superuser must have is_superuser=True."))
        return self.create_user(email, password, **extra_fields)
        
        

class AuthUser(AbstractUser):
    username = None
    email = models.EmailField(_("email address"), unique=True)
    phone_number = PhoneNumberField(max_length=15, blank=True, unique=True)
    # firstname = models.CharField(max_length=255)
    # lastname = models.CharField(max_length=255)

    USERNAME_FIELD = "email"
    REQUIRED_FIELDS = []

    objects = CustomUserManager()

    def __str__(self):
        if self.first_name:
            return self.first_name
        return self.email

我的 Views.py 如下

def login(request):
    if request.method == 'POST':
        form = LoginForm(request.POST)
        if form.is_valid():
            cd = form.cleaned_data
            user = authenticate(request, username=cd['username'], password=cd['password'])
            if user is not None:
                if user.is_active:
                    auth_login(request, user)
                    return redirect('dashboard')
                else:
                    messages.error(request, 'The account is disabled')
                    # return HttpResponse('Disabled Account')
            else:
                messages.error(request, f'Incorrect Password! Try Again')
                # return HttpResponse('Invalid username or Password')
    else:
        form = LoginForm()
        
    return render(request, "users/auth_login.html", {'form': form})

登录表单如下

from django import forms
from django.conf import settings

from .models import AuthUser, Profile

class LoginForm(forms.Form):
    def __init__(self, *args, **kwargs):
        super().__init__(*args, **kwargs)
        self.helper = FormHelper()
        self.helper.form_class = 'form-horizontal'
        self.helper.form_id = 'login-form'
        self.helper.form_show_labels = False
        self.helper.field_class = 'col-lg-10'
        self.helper.layout = Layout(
            PrependedText('username', '<i class="ti-email"></i>'),
            PrependedText('password', '<i class="ti-lock"></i>'),
            FormActions( Submit('submit', 'Sign in'),)
        )

    username = forms.CharField(
        widget=forms.EmailInput(
            attrs={
                "maxlength": 225,
                "class": "form-control pl-15 bg-transparent",
                "placeholder": "Email",
            }
        )
    )
    password = forms.CharField(
        widget=forms.PasswordInput(
            attrs={
                "minlength": 8,
                "class": "form-control pl-15 bg-transparent",
                "placeholder": "Password",
            }
        )
    )

    class Meta():
        model = AuthUser
        fields = ("username", "password")


    def clean_username(self):
        username = self.cleaned_data.get("username")
        if not AuthUser.objects.filter(email=username).exists():
            raise forms.ValidationError("User with this email doesnot exist! Create an account instead")

出于某种原因，即使凭据正确，它也会一直显示无效密码。当我通过 django 管理站点登录时，登录凭据有效。

我哪里错了。我需要帮助

Answer 1

我发现了问题，其实很简单。在 clean_username 函数中，我没有返回用户名。

def clean_username(self):
    username = self.cleaned_data.get("username")
    if not AuthUser.objects.filter(email=username).exists():
        raise forms.ValidationError("User with this email doesnot exist! Create an account instead")
    return username #Just this line was missing

这就是我所缺少的。

即使登录适用于 Django 管理员，Django 登录也显示密码无效，即使登录凭据正确

1 个答案: