Whether the password stores in the keystone's password table, and if is, how does the password maps the user's password?
Where is the user's password is store ?
I can not find in the keystone's user table:
But I can find in the keystone's password table:
does the password is map the user's password?
My question is :
Whether the password stores in the keystone's password table? and if is, how does the password maps the user's password? and does the password's encrypted? I never see this type password.
I never see this type password. because I use the openstacksdk register a project and user, I can not login. I don't know why. So, I want to get some idea about it here.
My project's django code is bellow, use openstacksdk to register:
def register(request):
if request.method == 'GET':
return render(request, 'frontend/register.html')
elif request.method == 'POST':
username = request.POST.get('username')
password = request.POST.get('password')
phone = request.POST.get('phone')
email = request.POST.get('email')
usertype = 1
app_user_params = {
"username":username,
"password":hashlib.sha1(password).hexdigest(), # sha1加密
"phone":phone,
"email":email,
"usertype":usertype
}
user_form = UserMF(app_user_params)
if user_form.is_valid():
obj_user = models.User.objects.filter(username=username)
obj_phone = models.User.objects.filter(phone=phone)
obj_email = models.User.objects.filter(email=email)
# 使用admin用户创建project和user
from openstack import connection
connection = connection.Connection(**settings.ADMIN_OPENRC)
admin_conn = OpenstackConn.OpenstackAdminConn()
admin_conn.admin_conn = connection
# 创建项目(先创建项目,再创建用户)
project_params = {
"description":username+"'s project",
"is_domain":False,
"enable":False, # I set True still has this issue.
"name":username, # 给的是用户名,也是唯一的
}
try:
new_project = admin_conn.admin_conn.identity.create_project(**project_params) # create_project
print (new_project, new_project.id, "new project created")
except Exception as e:
print (e.message)
return HttpResponse(json.dumps({'status_code':0,'info':e.message.encode('utf-8')}))
# 创建 openstack_cloud user
user_params = {
"default_project_id":new_project.id,
"email":email,
"enabled":False,
"name":username,
"password":password
}
try:
new_user = admin_conn.admin_conn.identity.create_user(**user_params)
print (new_user, new_user.id, "new user created")
except Exception as e:
admin_conn.admin_conn.identity.delete_project(new_project)
print (e.message)
return HttpResponse(json.dumps({'status_code': 0, 'info': e.message.encode('utf-8')}))
I don't know whether I write wrong, or password will encrypt.
EDIT-1
I print the new created user, and user.id:
(openstack.identity.v3.user.User(name=liaodalin15, links={u'self': u'http://controller:5000/v3/users/66c60156d0f24a118df54f19e2705aaf'}, enabled=False, domain_id=default, email=xxxxxxxxx@126.com, default_project_id=a829eda8c4de479d8ca5c3a4335c793a, password=liaodalin15, id=66c60156d0f24a118df54f19e2705aaf, password_expires_at=None), u'66c60156d0f24a118df54f19e2705aaf')
Seems the password did now encrypt. Does this should encrypt by ourself?
In the end, I figured out the issue:
Because use openstacksdk create user default is disabled, so I should eable it.