Check_password fails every time

calcanisa · December 17, 2022, 3:03am

I have this backend to authenticate a user but it fails no matter what. That password is correct the user is active but no luck. The password saved in the back end is hashed so it’s not plain text.

class EmailBackend(ModelBackend):
    def authenticate(self, request, **kwargs):
        email = kwargs.get("email", None)
        user = User.objects.get(email=email)
        if user:
            if user.check_password(kwargs.get("password", None)):
                return user
            else:
                return None
        else:
            User.DoesNotExist
        return None

What is wrong please? How can I check if the password entered is hashed correctly or what can I do to fix this so I can actually log in

KenWhitesell · December 17, 2022, 1:18pm

What steps have you taken so far to try and resolve this?

Have you verified that kwargs contains the values you’re expecting?
Have you used the Django shell to test your user.check_password function?
Have you visually verified that the password in the database is hashed? (And using one of the same hash functions as used by the check_password method?)

calcanisa · December 18, 2022, 6:52am

Solved it thanks I had set_password on the user model and in the view I had make_password so it was actually double hashing the password. Someone on stackoverflow saw it in my code. Thanks answering my query any case

bhaskar-nie · June 26, 2024, 12:02pm

Thanks bro, your reply saved me from pulling my hair out…

Topic		Replies	Views
Custom login Forms & APIs	6	709	July 24, 2023
Login using email showing wrong error message? Using Django	4	3141	May 10, 2021
SetPasswordForm - changes password, but login fails :( Forms & APIs	10	1971	May 24, 2024
django problem email verification keeps failing Mystery Errors	2	13	December 5, 2024
Issue with custom backend and forms to login Using Django	5	1795	November 29, 2020

Check_password fails every time

Related topics