I have a custom user as described below:
from django.contrib.auth.models import AbstractUser # Create your models here. class User(AbstractUser): """App User""" # add additional fields in here middle_name = models.CharField(max_length=255) reference = models.CharField(max_length=255) def __str__(self): return self.username
Signup via the browser works well with the above. However, when I try to create users via API or shell, the new users get plain passwords (not hashed). Why is this happening and how can I ensure that the automating user creation guarantees hashed passwords that passes authentication?
I go to the browser, sign-up, pass through verification … user gets created and passwords are hashed
What doesn’t work:
scripted_user = User(username="twohot", password="the_password", email="email@example.com") scripted_user.save()
Result of second approach:
scripted_user will be created but password will be plain (I want it hashed, how should I go about this?)