I introduced model Account (see the code below) which has OneToOneField with User.
The reason was not to mess with existing authentication since the project is already live for some time and has some users, permissions, etc.
Account objects are created via Django Admin. After Account is saved, Django Admin calls method create_user() in Account model (see code below) to create associate User object.
class Account(models.Model):
email = models.EmailField(unique=True)
first_name = models.CharField(max_length=150, blank=True)
last_name = models.CharField(max_length=150, blank=True)
is_active = models.BooleanField(default=True, verbose_name='Active')
user = models.OneToOneField(User, on_delete=models.CASCADE,)
def create_user(self):
u = User.objects.create_user(self.email, self.email)
u.is_active = self.is_active
u.first_name = self.first_name
u.last_name = self.last_name
u.save()
self.user = u
Next, to set the password for a user, the idea was that user receives an email with the link to password reset (PasswordResetView) to do the password reset procedure.
But this is not working (email is not being sent) and I found out this is because has_usable_password() is False for such newly created users.
So I guess that (one of the possible) workaround/solution for my problem is to give a user some usable password.
How could I do that programmatically during the user creation in a secure way ?
(I know how to do it in shell but the goal is not to use shell every time there is a new account.)