7

我网站上的一位用户最近在尝试登录时成功触发了此回溯。在 Django Admin 中,他的密码为Invalid password format or unknown hashing algorithm.

我不知道是什么原因造成的。到目前为止,这是一个孤立的案例,我和其他用户已成功注册并登录该站点。

追溯

Traceback (most recent call last):

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/core/handlers/base.py", line 111, in get_response
   response = callback(request, *callback_args, **callback_kwargs)

 File "/var/git/bbox/userprofile/views.py", line 67, in login_view
   if form.is_valid():

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/forms/forms.py", line 124, in is_valid
   return self.is_bound and not bool(self.errors)

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/forms/forms.py", line 115, in _get_errors
   self.full_clean()

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/forms/forms.py", line 271, in full_clean
   self._clean_form()

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/forms/forms.py", line 299, in _clean_form
   self.cleaned_data = self.clean()

 File "/var/git/bbox/userprofile/forms.py", line 83, in clean
   self.user_cache = authenticate(username=username, password=password)

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/contrib/auth/__init__.py", line 45, in authenticate
   user = backend.authenticate(**credentials)

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/contrib/auth/backends.py", line 15, in authenticate
   if user.check_password(password):

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/contrib/auth/models.py", line 304, in check_password
   return check_password(raw_password, self.password, setter)

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/contrib/auth/hashers.py", line 42, in check_password
   hasher = get_hasher(algorithm)

 File "/home/gituser/.virtualenvs/bbox/lib/python2.7/site-packages/django/contrib/auth/hashers.py", line 115, in get_hasher
   "setting?" % algorithm)

ValueError: Unknown password hashing algorithm ''. Did you specify it in the PASSWORD_HASHERS setting?
4

2 回答 2

5

不要将密码设置为空字符串,而是使用modelset_unusable_password()的方法User将密码设置为不可用:

user.set_unusable_password()

在文档中查看更多信息:https ://docs.djangoproject.com/en/dev/topics/auth/#django.contrib.auth.models.User.set_unusable_password

于 2012-05-11T03:04:31.557 回答
0

原来该用户是“受邀”用户。在我的邀请代码中,我正在使用以下代码块创建用户:

    user = User.objects.create(
            username=cd['email'],
            email=cd['email'],
            first_name=cd['first_name'],
            last_name=cd['last_name'],
            is_active=False)

如您所见,我没有设置密码。解决方法是应用一个临时密码,因为一旦用户到达电子邮件中发送给他的验证链接,他将被要求创建一个新密码。

    # set a random pw. user will be prompted to change
    # on log in
    user.set_unusable_password()
    user.save()

所以基本上,如果您在没有设置密码的情况下创建用户对象并尝试将他登录到您的站点(使用 django 的身份验证系统),您将获得此回溯。

于 2012-05-11T02:36:07.613 回答