Opened 5 years ago
Closed 5 years ago
#32198 closed Uncategorized (invalid)
Passwords of users created in admin user interface possibly not hashed?
| Reported by: | jrdjango | Owned by: | nobody |
|---|---|---|---|
| Component: | contrib.admin | Version: | 3.0 |
| Severity: | Normal | Keywords: | |
| Cc: | Triage Stage: | Unreviewed | |
| Has patch: | no | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description
After I created a new user using http://127.0.0.1:8000/admin/users, I see the plain password of the newly created user in the django admin user interface.
When I try to log this user in, user = authenticate(request,...) returns None.
When I create a superuser from the console and go to http://127.0.0.1:8000/admin/users, I see in the admin user interface that the superuser's password is hashed.
When I log the superuser in, I don't have any problems.
(I'm new to django, so in case this is nonsense, I beg your pardon.)
Attachments (2)
Change History (3)
by , 5 years ago
| Attachment: | password_not_hashed.png added |
|---|
comment:1 by , 5 years ago
| Component: | Uncategorized → contrib.admin |
|---|---|
| Resolution: | → invalid |
| Status: | new → closed |
There is an issue in your app not in Django itself. Please don't use Trac as a support channel. Closing per TicketClosingReasons/UseSupportChannels.
Note:
See TracTickets
for help on using tickets.
plain password displayed