only super user can connect

Using Django Forms & APIs
1

I am in the process of implementing user connection on my application, I have created superusers (MOUF1119 and WASS1111) they connect on the admin and application side, but simple users cannot connect. I do not know why. I share with you my code and a capture of my users

Project/comptes/models.py

from django.db import models
from django.contrib.auth.models import AbstractUser
from .manager import *
from Entite1.models import Entite1


# Create your models here.
 
class CustomUser(AbstractUser):
    username= None
    email = models.EmailField()
    profil=models.CharField(max_length=10,unique=True)
    is_profil_verified= models.BooleanField(default=False)
    Entite1= models.ForeignKey(Entite1, on_delete=models.CASCADE, related_name='entite',blank=True, null=True)
    
    objects= UserManager()
    
    USERNAME_FIELD = 'profil'
    REQUIRED_FIELDS=[]

Project/comptes/manage.py

from django.contrib.auth.base_user import BaseUserManager

class UserManager(BaseUserManager):
    use_in_migrations = True
    
    
    def create_user(self,profil,password=None, **extra_fields):
        if not profil:
            raise ValueError('Le profil est manquant')
        
        user = self.model(profil=profil,**extra_fields)
        user.set_password(password)
        user.save(using=self._db)
        return user
    
    
    def create_superuser(self,profil,password=None, **extra_fields):
        extra_fields.setdefault('is_staff',True)
        extra_fields.setdefault('is_superuser',True)
        extra_fields.setdefault('is_active',True)
        
        return self.create_user(profil,password,**extra_fields)

Project/comptes/views.py
from django.shortcuts import render,redirect
from django.contrib.auth import authenticate, login,logout
from django.views.decorators.csrf import csrf_protect
# Create your views here.



@csrf_protect
def login_view(request):
    if request.method == 'POST':
        profil = request.POST['profil']
        password = request.POST['password']

        user = authenticate(request, profil=profil, password=password)

        if user is not None:
            login(request, user)
            # Redirigez l'utilisateur vers la page souhaitée après la connexion
            return redirect('ticket')  
        else:
            # Gestion des erreurs de connexion
            return render(request, 'comptes/login1.html', {'error_message': 'Nom d\'utilisateur ou mot de passe incorrect'})

    # Si la méthode HTTP n'est pas POST, affichez simplement la page de connexion
    return render(request, 'comptes/login1.html')

    
def logout_view(request):
    logout(request)
    return redirect('connexion')

login1.html
{% extends 'main.html' %}

{% block content %}
{% load static %}

<section class="h-100 gradient-form" style="background-color: #eee;">
    <div class="container py-5 h-100">
      <div class="row d-flex justify-content-center align-items-center h-100">
        <div class="col-xl-10">
          <div class="card rounded-3 text-black">
            <div class="row g-0">
              <div class="col-lg-6">
                <div class="card-body p-md-5 mx-md-4">
                  <form method="post" action="{% url 'connexion' %}">
                    {% csrf_token %}
                    <div class="text-center">
                      <img src="{% static 'images/mkb_logo.png' %}" style="width: 195px;" alt="logo">
                    </div>
                    <p>Veuillez vous connecter à votre compte</p>
                    {% if error_messsage %}
                    <div class="alert alert-danger" role="alert">
                      {{error_messsage}}
                    </div>
                    {%endif%}
  
                    <div class="form-outline mb-4">
                      <input type="text" name="profil" class="form-control" placeholder="Profil" />
                    </div>
  
                    <div class="form-outline mb-4">
                      <input type="password" name="password"  class="form-control" placeholder="Mot de passe" />
                    </div>
                    <div class="text-center pt-1 mb-5 pb-1">
                      <button class="btn btn-primary btn-block fa-lg gradient-custom-2 mb-3" type="submit"> <b>Connexion </b></button>
                    </div>
                  </form>
                </div>
              </div>

              <div class="col-lg-6 d-flex align-items-center gradient-custom-2">
                <img src="{% static 'images/log.jpg' %}" style="width: 385px;" alt="logo">
              </div>

            </div>
          </div>
        </div>
      </div>
    </div>
  </section>

{% endblock %}

image
image881×400 15.7 KB

2

The parameter names for the authenticate function are username and password. Yes, you would pass profil as the value for that parameter, but the name of the parameter does not change.
(See the source code for this function at django.contrib.auth.backends.ModelBackend to see how this works.)

3

dear sir, you have done a remarkable job on this forum and I thank you, I am French-speaking and it is a little difficult for me to follow but somehow I follow you so, I changed the line as follows:

        user = authenticate(request, username=profil, password=password)

but always the same results.
but why with a superuser everything works correctly?

4

How are you creating the users?

5

I create users by filling out the user addition form on the admin page

my admin form page

image
image1920×1080 144 KB

6

Please show this page displaying one of the users that are trying to log in, but can’t.

7 
login1.html
{% extends 'main.html' %}

{% block content %}
{% load static %}

<section class="h-100 gradient-form" style="background-color: #eee;">
    <div class="container py-5 h-100">
      <div class="row d-flex justify-content-center align-items-center h-100">
        <div class="col-xl-10">
          <div class="card rounded-3 text-black">
            <div class="row g-0">
              <div class="col-lg-6">
                <div class="card-body p-md-5 mx-md-4">
                  <form method="post" action="{% url 'connexion' %}">
                    {% csrf_token %}
                    <div class="text-center">
                      <img src="{% static 'images/mkb_logo.png' %}" style="width: 195px;" alt="logo">
                    </div>
                    <p>Veuillez vous connecter à votre compte</p>
                    {% if error_messsage %}
                    <div class="alert alert-danger" role="alert">
                      {{error_messsage}}
                    </div>
                    {%endif%}
  
                    <div class="form-outline mb-4">
                      <input type="text" name="profil" class="form-control" placeholder="Profil" />
                    </div>
  
                    <div class="form-outline mb-4">
                      <input type="password" name="password"  class="form-control" placeholder="Mot de passe" />
                    </div>
                    <div class="text-center pt-1 mb-5 pb-1">
                      <button class="btn btn-primary btn-block fa-lg gradient-custom-2 mb-3" type="submit"> <b>Connexion </b></button>
                    </div>
                  </form>
                </div>
              </div>

              <div class="col-lg-6 d-flex align-items-center gradient-custom-2">
                <img src="{% static 'images/log.jpg' %}" style="width: 385px;" alt="logo">
              </div>

            </div>
          </div>
        </div>
      </div>
    </div>
  </section>

{% endblock %}

image

8

I’m asking for the display of the admin page where you’re creating the users. Please post an image of the admin page with the information of one of the users that isn’t working.

9

here is a picture of the person not connecting

image
image1227×940 36.4 KB

and here is a picture of the person connecting

image
image1920×1080 141 KB

10

Notice how the password field in the working person shows the hashed password, but that same field in the non-working person is showing the plain-text password. That is what is not working.

Are you using the standard form for adding a user, or did you create a custom form?

Are you using the standard ModelAdmin class for your user or are you using the standard ModelAdmin?

11

Adding users is only done on the admin page.
I plan to do the insertion via a user file directly into the database, but I’m doing some tests first and unfortunately I’m having this problem. also actually I made this remark on the display of passwords. but I told myself that it is only the superusers that I create on the command line who the rest I created directly via the addition form on the admin page. tell me, there is the possibility of creating imple users on the command line. if so we can try and see how it behaves when connected

12

That’s fine.

  • Did you create a custom ModelAdmin class for your CustomUser?

  • Did you create a custom form to be used by the ModelAdmin class?

13

I’ve also noticed:

BUT, your comment reads:

This would not be the same file, unless you’ve made a typo somewhere.

14

I don’t really understand your question but here is the model for creating my user

from django.db import models
from django.contrib.auth.models import AbstractUser
from .manager import *
from Entite1.models import Entite1


# Create your models here.
 
class CustomUser(AbstractUser):
    username= None
    email = models.EmailField()
    profil=models.CharField(max_length=10,unique=True)
    is_profil_verified= models.BooleanField(default=False)
    Entite1= models.ForeignKey(Entite1, on_delete=models.CASCADE, related_name='entite',blank=True, null=True)
    
    objects= UserManager()
    
    USERNAME_FIELD = 'profil'
    REQUIRED_FIELDS=[]
15

See the docs at The Django admin site | Django documentation | Django, particularly the section for the ModelAdmin objects and the ModelAdmin.form.

16

even reading the documentation and looking at my code I don’t see where the problem occurs.
However thank you for your time and interest in my problem

17

You still haven’t answered my questions:

These are yes / no questions. Either you have done this or you haven’t. But I can’t provide any further guidance until I understand how you’re creating these CustomUser objects.

18

I create Costumer with AbstractUser, not with UserMODEL

19

Not quite.

You actually create the instances of CustomUser in a view.

The model (CustomUser, inheriting the fields from AbstractUser) identifies the fields that will be stored in that model. But the model itself does not create the instances.

The model manager (UserManager) has a helper function (create_user) that the view can use to help create these instances. But all the work starts with a view being executed.

20

here is the only content of my view

from django.shortcuts import render,redirect
from django.contrib.auth import authenticate, login,logout
from django.views.decorators.csrf import csrf_protect
# Create your views here.



@csrf_protect
def login_view(request):
    if request.method == 'POST':
        profil = request.POST['profil']
        password = request.POST['password']

        user = authenticate(request, profil=profil, password=password)

        if user is not None:
            login(request, user)
            # Redirigez l'utilisateur vers la page souhaitée après la connexion
            return redirect('ticket')  
        else:
            # Gestion des erreurs de connexion
            return render(request, 'comptes/login1.html', {'error_message': 'Nom d\'utilisateur ou mot de passe incorrect'})

    # Si la méthode HTTP n'est pas POST, affichez simplement la page de connexion
    return render(request, 'comptes/login1.html')

    
def logout_view(request):
    logout(request)
    return redirect('connexion')