Login

Trigger a user password change

Author:
jedie
Posted:
August 31, 2007
Language:
Python
Version:
.96
Tags:
password user-account
Score:
3 (after 3 ratings)

I would like to catch the raw plaintext password if a user created or change his password. First i tried to handle this with signals.post_save at the User class, like this:

dispatcher.connect(update, signal=signals.post_save, sender=User)

The problem is, in the User model exists e.g. 'last_login'. So the save method called every time, the user logged in :( And with post_save i get only the hashed password and not the plaintext source password.

I found a simple way to trigger a user password change. I hacked directly into the django.contrib.auth.models.User.set_password() method. See the sourcecode.

There exists a discussion in the django-users thread about this.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
from django.contrib.auth.models import User

# Save the original method
old_set_password = User.set_password

def set_password(user, raw_password):
    if user.id == None:
        # It's a new user. We must save the django user account first.
        user.save()

    #
    # Do something with the user obejct and the given raw_password ;)
    #

    # Use the original method to set the django User password:
    old_set_password(user, raw_password)

# Replace the method
User.set_password = set_password

More like this

  1. Instructions and code to use drupal 7 passwords by grillermo 1 year, 11 months ago
  2. Plaintext password by yetty 1 year, 6 months ago
  3. Send large files through Django, and how to generate Zip files by jcrocholl 7 years, 9 months ago
  4. Unusable passwords for LDAP users by rob.ward 6 years, 3 months ago
  5. Cache Any Function by jeffwheeler 8 years, 2 months ago

Comments

gamesbook (on October 27, 2010):

Its not clear how to make use of this snippet? What is required in order to integrate into Django (and the Admin site)?

#

Please login first before commenting.