Opened 2 years ago

Closed 2 years ago

#29628 closed Bug (fixed)

createsuperuser does not validate password against username or other required fields

Reported by: Josh Schneier Owned by: Josh Schneier
Component: contrib.auth Version: 2.1
Severity: Normal Keywords:
Cc: Triage Stage: Accepted
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description


Change History (6)

comment:1 Changed 2 years ago by Josh Schneier

Owner: changed from nobody to Josh Schneier
Status: newassigned

comment:2 Changed 2 years ago by Tim Graham

Summary: Createsuperuser does not validate password against username or other required fieldscreatesuperuser does not validate password against username or other required fields

It looks to me like it does (as of 53d28f83390aed98fab4eed187eaf1edaa92c6d0). Is there a bug with the fake_user_data approach?

comment:3 Changed 2 years ago by Josh Schneier

Username isn’t included in fake user data and the validation runs inside of the for loop before all fields can be collected. I have failing test cases I just pushed up in a PR.

comment:4 Changed 2 years ago by Tim Graham

Triage Stage: UnreviewedAccepted

comment:5 Changed 2 years ago by Tim Graham

Has patch: set

comment:6 Changed 2 years ago by Tim Graham <timograham@…>

Resolution: fixed
Status: assignedclosed

In 793e9bb3:

Fixed #29628 -- Made createsuperuser validate password against username and required fields.

Note: See TracTickets for help on using tickets.
Back to Top