Django Auth не работает, даже если пользователь/пасс существует в БД
У меня есть следующее представление create user view
class UserView(View):
def post(self, request):
try:
data = json.loads(request.body)
encrypted_username_hex = data.get('username', None)
encrypted_password_hex = data.get('password', None)
phone_number = data.get('phone_number', None)
email = data.get('email', None)
missing_fields = [field for field in ['username', 'password', 'email'] if data.get(field) is None]
if missing_fields:
return JsonResponse({"error": f"Missing required field(s): {', '.join(missing_fields)}"}, status=400)
session_id = request.session.session_key
print("user create ses", session_id)
private_key_pem, _ = RSAKeyManager.get_keys(session_id)
if not private_key_pem:
return JsonResponse({"error": "Invalid session or RSA keys not found"}, status=404)
print("private key", private_key_pem)
username = RSAHandler.decrypt_from_hex(private_key_pem, encrypted_username_hex)
password = RSAHandler.decrypt_from_hex(private_key_pem, encrypted_password_hex)
user = CustomUser.objects.create_user(username=username, email=email, password=password,
phone_number=phone_number)
return JsonResponse({"user": user.email, "phone_number": user.phone_number}, status=201)
except IntegrityError as e:
if 'username' in str(e):
return JsonResponse({"error": "This username is already taken."}, status=400)
elif 'email' in str(e):
return JsonResponse({"error": "This email is already in use."}, status=400)
else:
return JsonResponse({"error": "There was an error with your request."}, status=400)
except ValidationError as e:
return JsonResponse({"error": str(e.messages[0])}, status=400)
except Exception as e:
traceback.print_exc()
return JsonResponse({"error": "Internal server error."}, status=500)
И эта пользовательская модель пользователя:
class CustomUserManager(BaseUserManager):
def create_user(self, username, email, password=None, phone_number=None, **extra_fields):
if not email:
raise ValueError(_('The Email must be set'))
email = self.normalize_email(email)
user = self.model(username=username, email=email, phone_number=phone_number, **extra_fields)
user.set_password(password)
user.save(using=self._db)
return user
def create_superuser(self, username, email, password=None, phone_number=None, **extra_fields):
extra_fields.setdefault('is_staff', True)
extra_fields.setdefault('is_superuser', True)
if extra_fields.get('is_staff') is not True:
raise ValueError(_('Superuser must have is_staff=True.'))
if extra_fields.get('is_superuser') is not True:
raise ValueError(_('Superuser must have is_superuser=True.'))
return self.create_user(username, email, password, phone_number, **extra_fields)
class CustomUser(AbstractBaseUser, PermissionsMixin):
username = models.CharField(max_length=150, unique=True)
email = models.EmailField(unique=True)
phone_number = models.CharField(max_length=15, blank=True, null=True)
is_staff = models.BooleanField(default=False)
is_active = models.BooleanField(default=True)
banned = models.BooleanField(default=False)
created_at = models.DateTimeField(default=timezone.now)
updated_at = models.DateTimeField(auto_now=True)
USERNAME_FIELD = 'email'
REQUIRED_FIELDS = ['username', "password"]
objects = CustomUserManager()
# Add related_name to groups and user_permissions fields
groups = models.ManyToManyField(
'auth.Group',
verbose_name=_('groups'),
blank=True,
help_text=_('The groups this user belongs to. A user will get all permissions granted to each of their groups.'),
related_name="custom_user_set", # Changed related_name
related_query_name="user",
)
user_permissions = models.ManyToManyField(
'auth.Permission',
verbose_name=_('user permissions'),
blank=True,
help_text=_('Specific permissions for this user.'),
related_name="custom_user_set", # Changed related_name
related_query_name="user",
)
def __str__(self):
return self.username
А вот этот вид входа:
class LoginView(View):
def post(self, request):
try:
data = json.loads(request.body)
email = data.get('email', None)
encrypted_password_hex = data.get('password', None)
session_id = request.session.session_key
private_key_pem, _ = RSAKeyManager.get_keys(session_id)
print(session_id)
password = RSAHandler.decrypt_from_hex(private_key_pem, encrypted_password_hex)
print(email)
print(password)
# Authenticating the user
user = authenticate(username=email, password=password)
user = authenticate(username='tes321t@gm3ail.com', password='test')
print("user", user)
if user is not None:
# User is authenticated, now generate a JWT token
payload = {
'session_id': request.session.session_key,
'username': user.username,
}
jwt_token = jwt.encode(payload, settings.SECRET_KEY, algorithm='HS256')
return JsonResponse({"token": jwt_token, "user": user.username}, status=200)
else:
# Authentication failed
return JsonResponse({"error": "Invalid credentials"}, status=401)
except Exception as e:
return JsonResponse({"error": str(e)}, status=500)
Я не могу пройти авторизацию,
Я пробовал вручную указать пользователя/пасс, но все равно пользователь всегда отсутствует:
user = authenticate(username='tes321t@gm3ail.com', password='test')
Пользователь существует в базе данных, пароль корректно хэширован, похоже, что пароль тот же (открытым текстом), не уверен, что я делаю неправильно в данный момент :(
)