I have a custom user as described below:
from django.contrib.auth.models import AbstractUser
# Create your models here.
class User(AbstractUser):
"""App User"""
# add additional fields in here
middle_name = models.CharField(max_length=255)
reference = models.CharField(max_length=255)
def __str__(self):
return self.username
Signup via the browser works well with the above. However, when I try to create users via API or shell, the new users get plain passwords (not hashed). Why is this happening and how can I ensure that the automating user creation guarantees hashed passwords that passes authentication?
What works:
I go to the browser, sign-up, pass through verification … user gets created and passwords are hashed
What doesn’t work:
scripted_user = User(username="twohot", password="the_password", email="twohot@address.com")
scripted_user.save()
Result of second approach: scripted_user
will be created but password will be plain (I want it hashed, how should I go about this?)