pythondjangodjango-permissionsdjango-auth-modelsdjango-viewsets
Can't change user password for Django user model using ModelViewSet
I was using Django user model using the ModelViewSet. When I am making a request to update the password for the current user that is logged in. Although I get a 200 OK response but my password never changes to the new one that I changed.
I also tried making the request from my admin user and when I made the PUT request with the password, it got changed to something else and I was logged out from the django admin panel.
Here is my
views.py
class UserViewSet(viewsets.ModelViewSet):
queryset = User.objects.all()
serializer_class = UserSerializer
permission_classes = [IsAuthenticated, IsOwnerOfObject]
authentication_classes = (TokenAuthentication,)
serializers.py
class UserSerializer(serializers.ModelSerializer):
class Meta:
model = User
fields = ['id', 'username', 'password']
extra_kwargs = {
'password' : {
'write_only':True,
'required': True
}
}
def create(self, validated_data):
user = User.objects.create_user(**validated_data)
Token.objects.create(user=user) # create token for the user
return user
urls.py
router = DefaultRouter()
router.register('articles', ArticleViewSet, basename='articles')
router.register('users', UserViewSet, basename = 'users')
urlpatterns = [
path('api/', include(router.urls)),
]
permissions.py
class IsOwnerOfObject(permissions.BasePermission):
def has_object_permission(self, request, view, obj):
return obj == request.user
Here is how I am making the request, with Authorisation token in the Headers field
Response :
Solution
As @BrianDestura says, you need call set_password to correctly update it.
class UserSerializer(serializers.ModelSerializer):
# --> Add this method
def update(self, instance, validated_data):
# We Can change the username?
instance.username = validated_data['username']
instance.set_password(validated_data['password'])
instance.save()
return instance
- Is it possible to call setter as a method?
- Accessing a Python traceback from the C API
- Scraping hierarchical website in a specific category
- How to offset a marker in matplotlib?
- How to access current user in Django class based view
- Is there a way to define list(obj) method on a user defined class in python?
- Deserializing Json list into class objects not able to extract attrributes
- What is the pythonic way to detect the last element in a 'for' loop?
- How to get integer values from a string in Python?
- Optimize this Python code that involves matrix inversion
- how to read a file with dictionary?
- How to extract only audio from downloading video? Python yt-dlp
- How to solve Invalid element(s) received for the 'color' property?
- Plotly Value error - Invalid property for colour
- no module named distutils....but distutils installed?
- how can i change the venv of my current shell from within a python script
- What is the difference between "cast(...)" and "... # type: ..."?
- getting the file size with pycurl
- export conda environment without prefix variable which shows local path to executable
- How can I fix datetime error when trying to use the now syntax?
- Python 3 asyncio with aioboto3 seems sequential
- How can I set OpenCV to use origin as bottom-left corner of image?
- Can I use sleep in the main thread without blocking other threads?
- Getting number of elements in an iterator in Python
- Merging tuples if they have one common element
- How to specify the response_model in FastAPI on a non-default return?
- PyCharm doesn’t see files in project
- How to tune PID controller on non-linear model (here: diving of a body)
- Create list of factorials using list comprehension
- Rewriting URL request function to satisfy GitHub CodeQL server side request forgery (SSRF) warning