It is so wrong to want to read the users 's password. I think this should not be done.
On Mon, Oct 21, 2019, 7:20 PM Alex Heyden <mindsbre...@gmail.com> wrote: > Password tables should never be human-readable. Never ever. No exceptions. > > If the intent is to power automation, store that password where the test > agent can read it. If you don't know the password, reset it, then save it. > Don't expect your web server to leak a password, though. Not even if you > ask it nicely. > > On Mon, Oct 21, 2019 at 1:16 PM Dilipkumar Noone <n.dil...@gmail.com> > wrote: > >> Dear Django group, >> >> In one of my View i need UserName & Password details in raw format but >> Django uses *PBKDF2* <https://en.wikipedia.org/wiki/PBKDF2> algorithm to >> store the password. >> >> I would like to know how to retrieve the saved password from >> Authentication Form. >> >> Using these Username and password details from my Django app , i need to >> use the same credentials to access another website to perform web >> automation on it using selenium chrome webdriver. >> >> Please let us know how to get the password in raw format once user >> authenticated using below LoginForm and login_view. >> >> *My forms.py:* >> *===========* >> >> forms.py: >> ======= >> >> class LoginForm(AuthenticationForm): >> >> remember_me = forms.BooleanField(required=True, initial=False) >> >> def __init__(self, *args, **kwargs): >> >> super(LoginForm, self).__init__(*args, **kwargs) >> self.helper = FormHelper() >> self.helper.form_action = '.' >> self.helper.layout = Layout( >> Field('username', placeholder="Enter Username", autofocus=""), >> Field('password', placeholder="Enter Password"), >> Field('remember_me'), >> Submit('sign_in', 'Log in', >> css_class="btn btn-lg btn-primary btn-block"), >> ) >> >> def apply_gsp_request_form(request, id=None): >> >> if id: >> action = 'edit' >> model = get_object_or_404(ApplyGSP, pk=id) >> else: >> action = 'submit' >> model = ApplyGSP() >> >> message = "" >> >> if request.method == 'POST': >> form = ApplyGSPForm(request.POST, instance=model) >> >> if form.is_valid(): >> form.save() >> username = request.user.username >> print("password:", request.user.password) >> * # How to get password details ? If i get pwd here using >> request.user.password it is displaying >> in <SHAalgorithm>$<iterations>$<salt>$<hash> format.* >> * # but i need in raw(clear text format)* >> *applyselenium*(username,password*)* >> >> *def applyselenium():* >> ----------- >> ---------- >> >> >> My Views.py: >> ======= >> views.py: >> ======== >> def login_view(request): >> logout(request) >> >> username = password = '' >> redirect_to = request.GET.get('next', '/gspapp/') >> >> form = LoginForm() >> >> if request.POST: >> >> form = LoginForm(request.POST) >> >> username = request.POST['username'] >> password = request.POST['password'] >> >> user = authenticate(request, username=username, >> password=password) >> >> if user is not None: >> login(request, user) >> >> remember_me = request.POST.get('remember_me', False) >> >> if remember_me == "on": >> ONE_MONTH = 30 * 24 * 60 * 60 >> expiry = getattr(settings, "KEEP_LOGGED_DURATION", >> ONE_MONTH) >> request.session.set_expiry(expiry) >> else: >> request.session.set_expiry(0) >> >> return HttpResponseRedirect(redirect_to) >> >> context = {'form': form, 'page_title': page_title, >> 'loginpage_heading': loginpage_heading} >> return render(request, 'login.html', context) >> >> >> >> >> Regards >> N.Dilip Kumar. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Django users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to django-users+unsubscr...@googlegroups.com. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/django-users/11a515fc-8b06-4130-8a0d-5ab6c9a21497%40googlegroups.com >> <https://groups.google.com/d/msgid/django-users/11a515fc-8b06-4130-8a0d-5ab6c9a21497%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> > -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to django-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/django-users/CA%2Bv0ZYVQUxqqRbKM-2Wbiuia7d5uWFNWTAyuGH200LmnmnK2kg%40mail.gmail.com > <https://groups.google.com/d/msgid/django-users/CA%2Bv0ZYVQUxqqRbKM-2Wbiuia7d5uWFNWTAyuGH200LmnmnK2kg%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAC26BE39NjN9K%3Dyvtzop6676t1BqVYR4KYtQ%2BE2QCPrhsD20Pg%40mail.gmail.com.
