I am using Django 1.3/Python 2.7.
My application is using django.contrib.auth for User management. For the main user registration I have a form which checks if the 'email' has already been registered. So it makes sure all email fields are unique.
But it happens that some admins use the django admin interface to add users, and end up adding duplicate accounts with the same email.
For this purpose I have created a NewUserCreationForm, where I've duplicated the django.contrib.auth.UserCreationForm and added an 'email' field to it.
class NewUserCreationForm(forms.ModelForm):
"""
A form that creates a user, with no privileges, from the given username and password.
"""
username = forms.RegexField(label=_("Username"), max_length=30, regex=r'^[\w.#+-]+$',
help_text = _("Required. 30 characters or fewer. Letters, digits and #/./+/-/_ only."),
error_messages = {'invalid': _("This value may contain only letters, numbers and #/./+/-/_ characters.")})
password1 = forms.CharField(label=_("Password"), widget=forms.PasswordInput)
password2 = forms.CharField(label=_("Password confirmation"), widget=forms.PasswordInput,
help_text = _("Enter the same password as above, for verification."))
email = forms.EmailField(label=_("Email"), max_length=75)
class Meta:
model = User
fields = ("username", "email")
def clean_username(self):
username = self.cleaned_data["username"]
try:
User.objects.get(username=username)
except User.DoesNotExist:
return username
raise forms.ValidationError(_("A user with that username already exists."))
def clean_password2(self):
password1 = self.cleaned_data.get("password1", "")
password2 = self.cleaned_data["password2"]
if password1 != password2:
raise forms.ValidationError(_("The two password fields didn't match."))
return password2
def save(self, commit=True):
user = super(NewUserCreationForm, self).save(commit=False)
user.set_password(self.cleaned_data["password1"])
user.email = self.email
if commit:
user.save()
return user
class CustomUserAdmin(UserAdmin):
add_form = NewUserCreationForm
admin.site.unregister(User)
admin.site.register(User, CustomUserAdmin)
But this code isn't working. I can see the form rendering, but with no email field, just the Username, password1 and password2 fields.
what is it that I am missing here?
You are missing ... UserAdmin.add_fieldsets, e.g.:
class CustomUserAdmin(UserAdmin):
add_form = NewUserCreationForm
add_fieldsets = (
(None, {
'classes': ('wide',),
'fields': ('username', 'password1', 'password2', 'email')}
),
)
Related
For a Django project, I have a customized User model:
class User(AbstractUser):
username = None
email = models.EmailField(_('e-mail address'),
unique=True)
first_name = models.CharField(_('first name'),
max_length=150,
blank=False)
last_name = models.CharField(_('last name'),
max_length=150,
blank=False)
USERNAME_FIELD = 'email'
REQUIRED_FIELDS = ['first_name', 'last_name']
objects = UserManager()
def __str__(self):
return self.email
I'm creating a new user registration form:
class UserRegistrationForm(forms.ModelForm):
auto_password = forms.BooleanField(label=_('Generate password and send by mail'),
required=False,
initial=True)
password = forms.CharField(label=_('Password'),
widget=forms.PasswordInput)
password2 = forms.CharField(label=_('Repeat password'),
widget=forms.PasswordInput)
class Meta:
model = User
fields = ('email', 'first_name', 'last_name', 'is_staff',
'is_superuser')
def clean_password2(self):
cd = self.cleaned_data
if cd['password'] != cd['password2']:
raise forms.ValidationError(_("Passwords don't match."))
return cd['password2']
My form has a auto_password boolean field. When this checkbox is set, the password and password2 fields must not be checked, as their content (or the absence of content) has no importance. On the opposite, when the auto_password checkbox is unset, the password and password2 must be checked.
Is there a way to optionnally disable the Django form checks whenever needed?
Thanks for the help.
You add this to the the condition in the clean method:
class UserRegistrationForm(forms.ModelForm):
auto_password = forms.BooleanField(
label=_('Generate password and send by mail'),
required=False,
initial=True
)
password = forms.CharField(
label=_('Password'),
widget=forms.PasswordInput
)
password2 = forms.CharField(
label=_('Repeat password'),
widget=forms.PasswordInput
)
class Meta:
model = User
fields = ('email', 'first_name', 'last_name', 'is_staff',
'is_superuser')
def clean(self):
data = super().clean()
if not data['auto_password'] and data['password'] != data['password2']:
raise forms.ValidationError(_('Passwords don't match.'))
return data
The not data['auto_password'] will thus return False in case the checkbox is checked, and in that case the the check of data['password'] != data['password2'] will not run, nor will it raise a ValidationError.
You can also remove the required=True properties, and check if the password contains at least one character by checking it truthiness:
class UserRegistrationForm(forms.ModelForm):
auto_password = forms.BooleanField(
label=_('Generate password and send by mail'),
# no required=True
initial=True
)
password = forms.CharField(
label=_('Password'),
widget=forms.PasswordInput
)
password2 = forms.CharField(
label=_('Repeat password'),
widget=forms.PasswordInput
)
class Meta:
model = User
fields = ('email', 'first_name', 'last_name', 'is_staff',
'is_superuser')
def clean(self):
data = super().clean()
manual = not data['auto_password']
if manual and not data['password']:
raise forms.ValidationError(_('Password is empty.'))
if manual and data['password'] != data['password2']:
raise forms.ValidationError(_('Passwords don't match.'))
return data
Can't you just include it in your logic?
if not cd['auto_password'] and (cd['password'] != cd['password2']):
raise forms.ValidationError(_("Passwords don't match."))
I customed the User in Django following the code providing by the Documentation (for the models.py and the admin.py)
I have a custom User using his email to auth (and not the username)
I can create new user but I cannot delete them in the django admin panel. When I try i go this error message: FOREIGN KEY constraint failed
models.py
from django.db import models
from django.contrib.auth.models import (
BaseUserManager, AbstractBaseUser
)
class MyUserManager(BaseUserManager):
def create_user(self, email, date_of_birth, password=None):
"""
Creates and saves a User with the given email, date of
birth and password.
"""
if not email:
raise ValueError('Users must have an email address')
user = self.model(
email=self.normalize_email(email),
date_of_birth=date_of_birth,
)
user.set_password(password)
user.save(using=self._db)
return user
def create_superuser(self, email, date_of_birth, password):
"""
Creates and saves a superuser with the given email, date of
birth and password.
"""
user = self.create_user(
email,
password=password,
date_of_birth=date_of_birth,
)
user.is_admin = True
user.save(using=self._db)
return user
class MyUser(AbstractBaseUser):
email = models.EmailField(
verbose_name='email address',
max_length=255,
unique=True,
)
date_of_birth = models.DateField()
is_active = models.BooleanField(default=True)
is_admin = models.BooleanField(default=False)
objects = MyUserManager()
USERNAME_FIELD = 'email'
REQUIRED_FIELDS = ['date_of_birth']
def __str__(self):
return self.email
def has_perm(self, perm, obj=None):
"Does the user have a specific permission?"
# Simplest possible answer: Yes, always
return True
def has_module_perms(self, app_label):
"Does the user have permissions to view the app `app_label`?"
# Simplest possible answer: Yes, always
return True
#property
def is_staff(self):
"Is the user a member of staff?"
# Simplest possible answer: All admins are staff
return self.is_admin
admin.py
from django import forms
from django.contrib import admin
from django.contrib.auth.models import Group
from django.contrib.auth.admin import UserAdmin as BaseUserAdmin
from django.contrib.auth.forms import ReadOnlyPasswordHashField
from register.models import MyUser
class UserCreationForm(forms.ModelForm):
"""A form for creating new users. Includes all the required
fields, plus a repeated password."""
password1 = forms.CharField(label='Password', widget=forms.PasswordInput)
password2 = forms.CharField(label='Password confirmation', widget=forms.PasswordInput)
class Meta:
model = MyUser
fields = ('email', 'date_of_birth')
def clean_password2(self):
# Check that the two password entries match
password1 = self.cleaned_data.get("password1")
password2 = self.cleaned_data.get("password2")
if password1 and password2 and password1 != password2:
raise forms.ValidationError("Passwords don't match")
return password2
def save(self, commit=True):
# Save the provided password in hashed format
user = super().save(commit=False)
user.set_password(self.cleaned_data["password1"])
if commit:
user.save()
return user
class UserChangeForm(forms.ModelForm):
"""A form for updating users. Includes all the fields on
the user, but replaces the password field with admin's
password hash display field.
"""
password = ReadOnlyPasswordHashField()
class Meta:
model = MyUser
fields = ('email', 'password', 'date_of_birth', 'is_active', 'is_admin')
def clean_password(self):
# Regardless of what the user provides, return the initial value.
# This is done here, rather than on the field, because the
# field does not have access to the initial value
return self.initial["password"]
class UserAdmin(BaseUserAdmin):
# The forms to add and change user instances
form = UserChangeForm
add_form = UserCreationForm
# The fields to be used in displaying the User model.
# These override the definitions on the base UserAdmin
# that reference specific fields on auth.User.
list_display = ('email', 'date_of_birth', 'is_admin')
list_filter = ('is_admin',)
fieldsets = (
(None, {'fields': ('email', 'password')}),
('Personal info', {'fields': ('date_of_birth',)}),
('Permissions', {'fields': ('is_admin',)}),
)
# add_fieldsets is not a standard ModelAdmin attribute. UserAdmin
# overrides get_fieldsets to use this attribute when creating a user.
add_fieldsets = (
(None, {
'classes': ('wide',),
'fields': ('email', 'date_of_birth', 'password1', 'password2')}
),
)
search_fields = ('email',)
ordering = ('email',)
filter_horizontal = ()
# Now register the new UserAdmin...
admin.site.register(MyUser, UserAdmin)
# ... and, since we're not using Django's built-in permissions,
# unregister the Group model from admin.
admin.site.unregister(Group)
view.py
from django.contrib.auth import login, authenticate
from django.contrib.auth.forms import UserCreationForm
from django.shortcuts import render, redirect
from django.contrib.auth import logout
from django.core.mail import send_mail
from .admin import UserCreationForm
def registration_view(request):
context = {}
if request.POST:
form = UserCreationForm(request.POST)
if form.is_valid():
form.save()
email = form.cleaned_data.get('email')
raw_password = form.cleaned_data.get('password1')
account = authenticate(email=email, password=raw_password)
login(request, account)
return render(request, 'register/home.html')
else:
context['registration_form'] = form
else:
form = UserCreationForm()
context['registration_form'] = form
return render(request, 'register/signup.html', context)
Mostly you get this error when the user you are trying to delete has some records associated in other tables.
Two options are:
Delete the associated records from the other tables first. And then try to delete this user.
Add on delete cascade option to the other tables' foreign keys referring to the user table. (This option will automatically remove any associated records from the other tables for the user you are trying to delete.)
I'm trying to reuse a code for registration form from my older project. The problem is that Django says that UserCreationForm hasn't attribute clean_password1.
Do you know where is the problem? I see that there is not such attribute in UserCreationForm but it worked before.
What should I do to make it work?
EDIT: It's because it calls super(...).clean_password1 which isn't in super class. So I've tried to put there super(...).cleaned_data.get("password1"), but it raises error that cleaned_data isn't there (in superclass).
class UserProfileCreationForm(UserCreationForm):
username = forms.CharField(label="Username", max_length=40, min_length=5)
email = forms.EmailField(label="Email address", max_length=40)
first_name = forms.CharField(label='First name', max_length=40, required=False)
last_name = forms.CharField(label='Last name', max_length=40, required=False)
password1 = forms.CharField(label="Password", widget=forms.PasswordInput, min_length=5)
password2 = forms.CharField(label="Password confirmation", widget=forms.PasswordInput)
class Meta():
model = UserProfile
fields = (
'username', 'email', 'type_of_user', 'first_name', 'last_name', 'password1', 'password2','IBAN',
)
def clean_password1(self):
password = self.cleaned_data.get('password1')
if len(password) < 8:
raise ValidationError('Password has to be of size at least 8 characters')
return super(UserProfileCreationForm, self).clean_password1()
def clean_password2(self):
password1 = self.cleaned_data.get("password1")
password2 = self.cleaned_data.get("password2")
if password1 and password2 and password1 != password2:
raise forms.ValidationError("Password mismatch")
return password2
def save(self, commit=True):
try:
with transaction.atomic():
user = User(username=self.cleaned_data['username'],
first_name=self.cleaned_data['first_name'],
last_name=self.cleaned_data['last_name'],
email=self.cleaned_data['email'])
user.save()
user.set_password(self.cleaned_data["password1"])
user_profile = UserProfile(user=user,
IBAN=self.cleaned_data['IBAN'],
type_of_user=self.cleaned_data['type_of_user']
)
user_profile.save()
except:
raise #TODO: HANDLE THE EXCEPTION
return user
You can safely remove clean_password2 - Django already validates if the passwords match (I assume you're using the current version for your new project). As for clean_password1 I'd recommend to remove it too and read documentation on password validation (new in Django 1.9).
There's no reason to call super inside a clean_field method; the field doesn't exist on the base class, so neither does the clean_field.
I am using Django 1.8.After following tutorials of how to customize user model I decided to make an app using customized user model. My CustomUser model looks like -
class CustomUser(AbstractBaseUser):
first_name = models.CharField(max_length=100,blank=True)
last_name = models.CharField(max_length=100,blank=True)
college = models.CharField(max_length=200,blank=True)
email = models.EmailField(unique=True,blank=False)
date_joined = models.DateTimeField(_('date joined'), default=datetime.now())
is_active = models.BooleanField(default=True)
is_superuser = models.BooleanField(default=False)
is_staff = models.BooleanField(default=False)
USERNAME_FIELD = 'email'
REQUIRED_FIELDS = ['first_name']
objects = CustomUserManager()
class Meta:
verbose_name = _('user')
verbose_name_plural = _('users')
def get_absolute_url(self):
return "/users/%s/" % urlquote(self.email)
def get_full_name(self):
"""
Returns the first name plus the last name , with a space in between
"""
full_name = '%s %s' % (self.first_name,self.last_name)
return full_name.strip()
My CustomUserManager class is this (though not important to mention here) -
class CustomUserManager(BaseUserManager):
def _create_user(self,email,password,is_staff,is_superuser,**extra_fields):
"""
Creates and saves a User with the given email and password
"""
t = datetime.now()
if not email:
raise ValueError('The given email must be set')
email = self.normalize_email(email)
user = self.model(email=email,is_staff=is_staff,is_active=True,is_superuser=is_superuser,
last_login=t,date_joined=t,**extra_fields)
user.set_password(password)
user.save(using=self._db)
return user
def create_user(self,email,password=None,**extra_fields):
return self._create_user(email,password,False,False,**extra_fields)
def create_superuser(self,email,password=None,**extra_fields):
print "Inside Superuser"
return self._create_user(email,password,True,True,**extra_fields)
I have added the relevant settings - AUTH_USER_MODEL and AUTHENTICATION_BACKENDS to the settings.py file.
Most importantly my custom registration form looks like this -
class CustomUserCreationForm(UserCreationForm):
"""
A form that creates a user, with no privileges, from the given email and password
"""
def __init__(self,*args,**kargs):
super(CustomUserCreationForm,self).__init__(*args,**kargs)
#print self.fields
del self.fields['username']
class Meta:
model = CustomUser
fields = ('email',)
I have mentioned here that my model will be CustomUser.As you can see that my custom form inherits from in-built UserCreation form. For the convenience I am also posting here UserCreationFrom class -
class UserCreationForm(forms.ModelForm):
"""
A form that creates a user, with no privileges, from the given username and
password.
"""
error_messages = {
'password_mismatch': _("The two password fields didn't match."),
}
password1 = forms.CharField(label=_("Password"),
widget=forms.PasswordInput)
password2 = forms.CharField(label=_("Password confirmation"),
widget=forms.PasswordInput,
help_text=_("Enter the same password as above, for verification."))
class Meta:
model = User
fields = ("username",)
def clean_password2(self):
password1 = self.cleaned_data.get("password1")
password2 = self.cleaned_data.get("password2")
if password1 and password2 and password1 != password2:
raise forms.ValidationError(
self.error_messages['password_mismatch'],
code='password_mismatch',
)
return password2
def save(self, commit=True):
user = super(UserCreationForm, self).save(commit=False)
user.set_password(self.cleaned_data["password1"])
if commit:
user.save()
return user
I have some doubts here.UserCreationForm has model set to User which is default User model(from django.contrib.auth.models import User);
but in my CustomForm's meta class I have mentioned model equal to my CustomUser.
When I print the fields returned by UserCreationForm it gives - username,password1,password2.Presence of 'username' field is the proof that UserCreationForm used 'User' model and added 'username' field which subsequently I deleted in my custom form.
I have also added 'email' to the fields in my custom form but Email option is not rendering in my registration page.Is what I am doing the right way to create Custom Registration forms?
If not then what should be done to render email field in my custom registration form.
from .models import CustomUser
class UserCreationForm(forms.ModelForm):
password1 = forms.CharField(label="Password", widget=forms.PasswordInput)
password2 = forms.CharField(label="Password confirmation", widget=forms.PasswordInput)
class Meta:
model = CustomUserModel
# Note - include all *required* CustomUser fields here,
# but don't need to include password1 and password2 as they are
# already included since they are defined above.
fields = ("email",)
def clean_password2(self):
# Check that the two password entries match
password1 = self.cleaned_data.get("password1")
password2 = self.cleaned_data.get("password2")
if password1 and password2 and password1 != password2:
msg = "Passwords don't match"
raise forms.ValidationError("Password mismatch")
return password2
def save(self, commit=True):
user = super(UserCreationForm, self).save(commit=False)
user.set_password(self.cleaned_data["password1"])
if commit:
user.save()
return user
Source:
Django 1.5: UserCreationForm & Custom Auth Model
So I finally managed to add a location field to my User model and this is the code I have:
model:
from django.db import models
from django.contrib.auth.models import User
from django.db.models.signals import post_save
class UserProfile(models.Model):
user = models.OneToOneField(User)
location = models.CharField(('location'),max_length=30, blank=False)
def create_user_profile(sender, instance, created, **kwargs):
if created:
UserProfile.objects.create(user=instance)
post_save.connect(create_user_profile, sender=User)
and admin.py:
from django.contrib import admin
from django.contrib.auth.models import User
from django.contrib.auth.admin import UserAdmin
from django.contrib.auth.forms import UserCreationForm, UserChangeForm
from django import forms
from UserProfile.models import UserProfile
from django.contrib.admin.views.main import *
class MyUserCreationForm(UserCreationForm):
username = forms.RegexField(label=("Username"), max_length=30, regex=r'^[\w.#+-]+$', help_text = ("Required. 30 characters or fewer. Letters, digits and #/./+/-/_ only."),error_messages = {'invalid': ("This value may contain only letters, numbers and #/./+/-/_ characters.")})
password1 = forms.CharField(label=("Password"), widget=forms.PasswordInput)
password2 = forms.CharField(label=("Password confirmation"), widget=forms.PasswordInput, help_text = ("Enter the same password as above, for verification."))
email = forms.EmailField(label=("Email address"))
class Meta:
model = User
fields = ("username",)
def clean_username(self):
username = self.cleaned_data["username"]
try:
User.objects.get(username=username)
except User.DoesNotExist:
return username
raise forms.ValidationError(("A user with that username already exists."))
def clean_email(self):
email = self.cleaned_data["email"]
if email == "":
raise forms.ValidationError((""))
return email
def clean_password2(self):
password1 = self.cleaned_data.get("password1", "")
password2 = self.cleaned_data["password2"]
if password1 != password2:
raise forms.ValidationError(("The two password fields didn't match."))
return password2
def save(self, commit=True):
user = super(UserCreationForm, self).save(commit=False)
user.set_password(self.cleaned_data["password1"])
if commit:
user.save()
return user
class MyUserChangeForm(UserChangeForm):
username = forms.RegexField(label=("Username"), max_length=30, regex=r'^[\w.#+-]+$',
help_text = ("Required. 30 characters or fewer. Letters, digits and #/./+/-/_ only."),
error_messages = {'invalid': ("This value may contain only letters, numbers and #/./+/-/_ characters.")})
location = forms.CharField(label=("Location"),max_length=30)
class Meta:
model = User
def __init__(self, *args, **kwargs):
super(UserChangeForm, self).__init__(*args, **kwargs)
f = self.fields.get('user_permissions', None)
if f is not None:
f.queryset = f.queryset.select_related('content_type')
class CustomUserAdmin(UserAdmin):
add_fieldsets = (
(None, {
'classes': ('wide',),
'fields': ('username', 'email', 'password1', 'password2')}
),
)
fieldsets = (
(None, {'fields': ('username', 'password')}),
(('Personal info'), {'fields': ('first_name', 'last_name', 'email', 'location')}),
(('Permissions'), {'fields': ('is_active', 'is_staff', 'is_superuser', 'user_permissions')}),
(('Important dates'), {'fields': ('last_login', 'date_joined')}),
(('Groups'), {'fields': ('groups',)}),
)
#list_display = ('username', 'email', 'first_name', 'last_name', 'is_staff', 'location')
add_form = MyUserCreationForm
form = MyUserChangeForm
admin.site.unregister(User)
admin.site.register(User, CustomUserAdmin)
When I tried creating a user it finally didn't error. But when I went to edit the information about the user, the location field was empty. I checked the database manually using sqlite database browser. And I assumed by creating a UserProfile would add extra tables to the database, but it didn't. What I want is for the location field to be trated just like the email field or the username or any other information stored about the user.
You don't add fields to the old model this way, you're creating a new one that's associated with it. Your data will be in app_userprofile table, and you can access that instance (to save that location or whatever) via user.get_profile(). You can't use straightforward ModelForm for that, I'm afraid, you need to handle the profile yourself.