Passwords not Hashed when Creating CustomUser from shell

I have a custom user as described below:

from django.contrib.auth.models import AbstractUser

# Create your models here.

class User(AbstractUser):
    """App User"""

    # add additional fields in here
    middle_name = models.CharField(max_length=255)
    reference = models.CharField(max_length=255)

    def __str__(self):
        return self.username

Signup via the browser works well with the above. However, when I try to create users via API or shell, the new users get plain passwords (not hashed). Why is this happening and how can I ensure that the automating user creation guarantees hashed passwords that passes authentication?

What works:
I go to the browser, sign-up, pass through verification … user gets created and passwords are hashed

What doesn’t work:

scripted_user = User(username="twohot", password="the_password", email="")

Result of second approach: scripted_user will be created but password will be plain (I want it hashed, how should I go about this?)

Correct. This doesn’t work because you’re explicitly setting the password field to the plain-text password.

You need to leave the password field blank when you create the User object, then use the set_password function to set the password to its hashed value before calling save on that object.

I should buy you a drink. Thanks!