I just want to summarize the password handling changes before and
after this patch.
before:
- create_user() with empty password or None -> password set to '!'
unusable
- set_password() accepts everything
- has_usable_password() returning False for password equal to '!'
after:
- create_user() with
Thanks for your feedback. I attached a new patch with the following
changes:
* allow empty string in set_password()
* has_usable_password() returns false if password is '!' or None
* add unit test set_password(None)
* add verbosity option to createsuperuser command + unit test
* output msg to stdo
On Fri, Oct 8, 2010 at 11:28 AM, Laurent Luce wrote:
> I noticed that create_user() is currently setting password to unusable
> if it is None or empty. However, set_password() is accepting an empty
> password. I decided to follow the first rule in the patch I submitted
> but I am kind of confused
d_usable() and the UNUSABLE_PASSWORD constant. So I'm
> interested in API that this functions (and thus User's methods) should
> provide.
>
> On 7 October 2010 23:13, Laurent Luce wrote:> Hello,
>
> > Regarding the issue about password is None in check_password (http://
> >
this functions (and thus User's methods) should
provide.
On 7 October 2010 23:13, Laurent Luce wrote:
> Hello,
>
> Regarding the issue about password is None in check_password (http://
> code.djangoproject.com/ticket/14354). I attached a patch with the
> following changes:
>
>
Hello,
Regarding the issue about password is None in check_password (http://
code.djangoproject.com/ticket/14354). I attached a patch with the
following changes:
- in set_password(), check for raw_password and if None or empty, call
set_unusable_password(), otherwise same as before
- in
