What is the view code that you are calling to actually create the user? I suspect you are simply doing something like:
user.password = <password value from POST> That will store the password in plain text in the DB, but Django is expecting it to be hashed, so it never matches. You should be using either the create_user() shortcut or using the set_password() method on the user object. See this: https://docs.djangoproject.com/en/1.8/topics/auth/default/#changing-passwords -James On Apr 30, 2015 4:07 AM, "Shekar Tippur" <[email protected]> wrote: > Hello, > I am following instructions under > https://django-oauth-toolkit.readthedocs.org/en/latest/rest-framework/getting_started.html > > I am having trouble with creating a user with encrypted password. > > I am able to create a user with the call > > curl -H "Authorization: Bearer lXbYKZqnPeqOyYaHyB3EOAvcMny13j" -X POST > -d"username=foo1&password=bar1&first_name=foo1&email=" http:// > ${endpoint}/users/ > > > {"id":30,"password":"bar1","last_login":null,"is_superuser":false,"username":"foo1","first_name":"foo1","last_name":"","email":"","is_staff":false,"is_active":true,"date_joined":"2015-04-30T07:26:00.857445Z","groups":[],"user_permissions":[]}(env) > > As you can see, it is creating a new user but the password is in clear > text. > > As a result, I am unable to get a user token > > curl -X POST -d > "grant_type=password&username=foo1&password=bar1&scope=read" > -u"${clientid}:${clientsecret}" http://${endpoint}/o/token/ > > {"error_description": "Invalid credentials given.", "error": > "invalid_grant"}(env) > > I sort of found a workaround. I can go in as admin to the console and > change the user password manually. This seem to store the password as > encrypted. How do I sole this via api calls? > > I am sure I am missing something. Appreciate if someone could unblock me. > > - Shekar > > -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at http://groups.google.com/group/django-users. > To view this discussion on the web visit > https://groups.google.com/d/msgid/django-users/ee2bc7a2-9103-41ec-8328-7db20a91c062%40googlegroups.com > <https://groups.google.com/d/msgid/django-users/ee2bc7a2-9103-41ec-8328-7db20a91c062%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CA%2Be%2BciX7U%2BfyHQAiAS4XEauUqWKru_jA5bK6NUcQEKuHgbHKVA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
