这个序列化器
class RegisterSerializer(serializers.ModelSerializer):
class Meta:
model = User
fields = ['id', 'username', 'email', 'password']
extra_kwargs = {'password': {'write_only': True}}
def create(self, validated_data):
#user = super(RegisterSerializer, self).create(validated_data)
user = User.objects.create_user(**validated_data)
return user
和登录序列化器:
class LoginSerializer(serializers.Serializer):
username = serializers.CharField()
password = serializers.CharField()
def validate(self, data):
username = data.get('username')
password = data.get('password')
if username and password:
user = authenticate(username=username, password=password)
if user and user.is_active:
return user
raise serializers.ValidationError("Invalid credentials!")
我使用了这段代码并且运行良好,但是当我更改我的注册序列化程序时
class RegisterSerializer(serializers.ModelSerializer):
class Meta:
model = User
fields = ['id', 'username', 'email', 'password']
extra_kwargs = {'password': {'write_only': True}}
def create(self, validated_data):
user = super(RegisterSerializer, self).create(validated_data)
return user
代码不能很好地工作。 当我想在 Postman 中测试我的端点时,代码很好地创建了用户,但对于登录端点,我总是采取此响应无效的凭据
我不知道当我首先更改代码时发生了什么,但当我添加此行时,它不起作用 “用户=超级(RegisterSerializer,self).create(validated_data)”
你的问题是,
user = super(RegisterSerializer, self).create(validated_data)
将密码以纯文本形式存储在数据库中,而django希望它被散列。您可以通过 python manage.py shell
并运行来验证这一点:
from django.contrib.auth import get_user_model
UserModel = get_user_model()
UserModel.objects.first().password
这应该返回类似
pbkdf2_sha256$...
的内容。如果它返回 plaintextpassword
你有两个问题:
要解决此问题,只需在序列化器中手动哈希密码即可:
class RegisterSerializer(serializers.ModelSerializer):
class Meta:
model = User
fields = ['id', 'username', 'email', 'password']
extra_kwargs = {'password': {'write_only': True}}
def create(self, validated_data):
user = super(RegisterSerializer, self).create(validated_data)
user.set_password(user.password) # set_password hashes input.
user.save()
return user