18

我下面的代码有点工作,它创建用户对象并保存但它不保存密码:

class CreateUserResource(ModelResource):
    class Meta:
        allowed_methods = ['post']
        object_class = User
        authentication = Authentication()
        authorization = Authorization()
        include_resource_uri = False
        fields = ['username']

    def obj_create(self, bundle, request=None, **kwargs):
        try:
            bundle = super(CreateUserResource, self).obj_create(bundle, request, **kwargs)
        except IntegrityError:
            raise BadRequest('That username already exists')
        return bundle

如果我在 Meta 字段中添加“密码”,那么它会保存原始密码,但不会对其进行散列处理。我究竟做错了什么?

所以这对我有用:

def obj_create(self, bundle, request=None, **kwargs):
    username, password = bundle.data['username'], bundle.data['password']
    try:
        bundle.obj = User.objects.create_user(username, '', password)
    except IntegrityError:
        raise BadRequest('That username already exists')
    return bundle
4

3 回答 3

21

创建用户时,您需要使用方法 set_password user.set_password(bundle.data.get('password'))或使用 User 对象的 create_user 方法。

user = User.objects.create_user(bundle.data.get('username'), bundle.data.get('email'), bundle.data.get('password'))

所以这样的事情对你有用:

def obj_create(self, bundle, request=None, **kwargs):
    try:
        bundle = super(CreateUserResource, self).obj_create(bundle, request, **kwargs)
        bundle.obj.set_password(bundle.data.get('password'))
        bundle.obj.save() 
    except IntegrityError:
        raise BadRequest('That username already exists')
    return bundle
于 2012-01-18T18:40:34.090 回答
5

我处于同样的情况,发现这两种解决方案都有帮助,但并不完整。在他们两个中,我都可以创建用户名为空的用户。我不想有这样的泄漏,所以这就是我所做的。

首先,我创建了一个验证表单:

from django import forms
from django.forms import ModelForm
from django.contrib.auth.models import User

class UserForm(forms.ModelForm):
def __init__(self, *args, **kwargs): 
    super(UserForm, self).__init__(*args, **kwargs)

    self.fields['username'].error_messages = {'required': "Please enter username"}
    self.fields['username'].max_length = 30
    self.fields['password'].error_messages = {'required': 'Please enter password'}
    self.fields['password'].max_length = 30

    self.fields['email'].required = False

def clean_username(self):
    username = self.cleaned_data['username']
    if len(username) < 4:
        raise forms.ValidationError("Username has to be longer than 4 characters")  
    return username

def clean_password(self):
    password = self.cleaned_data['password']
    if len(password) < 5:
        raise forms.ValidationError("Password has to be longer than 5 characters")
    return password   

class Meta:
    model = User
    fields = ('username', 'email', 'password')

然后,在 UserResource

validation = FormValidation(form_class=UserForm)

def obj_create(self, bundle, request=None, **kwargs):
    bundle = super(UserResource, self).obj_create(bundle, request, **kwargs)
    bundle.obj.set_password(bundle.data.get('password'))
    bundle.obj.save() 

    return bundle

我希望我的解决方案可以帮助其他开发人员。快乐编码!

于 2013-01-13T06:58:23.097 回答
4

我试图在 django-tastypie==0.9.12 中使用类似的代码,并遇到有关缺少查询集和 obj_create 的参数数量的错误。使用以下代码对我有用:

from django.contrib.auth.models import User
from django.db import IntegrityError

from tastypie.resources import ModelResource
from tastypie.authorization import Authorization
from tastypie.authentication import Authentication
from tastypie import fields
from tastypie.exceptions import BadRequest

class UserSignUpResource(ModelResource):
    class Meta:
        object_class = User
        resource_name = 'register'
        fields = ['username', 'first_name', 'last_name', 'email']
        allowed_methods = ['post']
        include_resource_uri = False
        authentication = Authentication()
        authorization = Authorization()
        queryset = User.objects.all()

    def obj_create(self, bundle, request=None, **kwargs):
        try:
            bundle = super(UserSignUpResource, self).obj_create(bundle)
            bundle.obj.set_password(bundle.data.get('password'))
            bundle.obj.save()
        except IntegrityError:
            raise BadRequest('Username already exists')

        return bundle

一些测试代码将是:

from django.contrib.auth.models import User
from django.contrib.auth.hashers import check_password

from tastypie.test import ResourceTestCase

class UserSignUpResourceTest(ResourceTestCase):
    def test_post_list(self):
        post_arguments = {
            "email": "youremail@example.com",
            "first_name": "John",
            "last_name": "Doe",
            "username": "test-user",
            "password": "idiotic-pwd"
        }
        # Check how many are there
        self.assertEqual(User.objects.count(), 0)
        self.assertHttpCreated(self.api_client.post('/api/register/',
        format='json', data=post_arguments))
        # Check how many are there. Should be one more
        self.assertEqual(User.objects.count(), 1)
        # Check attributes got saved correctly
        user = User.objects.get(username='test-user')
        for atr in post_arguments:
            if atr == 'password':
                check_password(post_arguments[atr], getattr(user, atr))
            else:
                self.assertEqual(post_arguments[atr], getattr(user, atr))
于 2013-05-05T15:21:36.180 回答