- August 31, 2007
- password user-account
- 3 (after 3 ratings)
I would like to catch the raw plaintext password if a user created or change his password. First i tried to handle this with signals.post_save at the User class, like this:
dispatcher.connect(update, signal=signals.post_save, sender=User)
The problem is, in the User model exists e.g. 'last_login'. So the save method called every time, the user logged in :( And with post_save i get only the hashed password and not the plaintext source password.
I found a simple way to trigger a user password change. I hacked directly into the django.contrib.auth.models.User.set_password() method. See the sourcecode.
There exists a discussion in the django-users thread about this.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
from django.contrib.auth.models import User # Save the original method old_set_password = User.set_password def set_password(user, raw_password): if user.id == None: # It's a new user. We must save the django user account first. user.save() # # Do something with the user obejct and the given raw_password ;) # # Use the original method to set the django User password: old_set_password(user, raw_password) # Replace the method User.set_password = set_password