On Mar 30, 12:58 pm, Malcolm Tredinnick <malc...@pointy-stick.com>
wrote:
> A number of problems here. Firstly, Django uses SHA1 as the default
> hashing algorithm. Secondly, you haven't accounted for including any
> salt in the password hash (which make the task of dictionary attacks
> much harder).
>
> The correct way to set a user's password is to call the set_password()
> method on the user object. You pass in the plaintext password and
> set_password() does the necessary hashing.
I tried doing this:
from django.contrib.auth.models import User
from portal.register.forms import RegisterForm
def form(request):
if request.method == 'POST': # If the form has been submitted...
form = RegisterForm(request.POST) # A form bound to the POST
data
print form
if form.is_valid(): # All validation rules pass
# Process the data in form.cleaned_data
user = User()
new_member = form.save(commit=False)
new_member.password = user.set_password
( new_member.password )
instance = new_member.save()
But it seems that user.set_password is not invoked and I get None.
What is the proper way of doing it?
Thank you very much in advance
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---
