Search code examples
djangodjango-modelsdjango-viewsdjango-formsdjango-custom-user

Unable to login in custom user model


I have custom user model that works goods for registration and creating superuser. But it fails to login. I have been trying to rectify the problem but couldn't find any potential errors...

Login Form is not logging in the user when I submit the form, it just says the user with that username already exists (it is kind of acting like signup page) How to resolve this issue or else i get a 'page not accessible contact owner of the site'

#models.py

class Organisation(models.Model):
    organisation_name =  models.CharField(max_length = 256)
    contact_no = models.IntegerField()
    email = models.EmailField()

    class Meta():
        unique_together = ['organisation_name','email']

    def  __str__(self):
        return self.organisation_name

class MyUserManager(BaseUserManager):
    def create_user(self, username, organisation, email, password):
        if not organisation:
            raise ValueError("Users must have an organisation")
        email = self.normalize_email(email)
        user = self.model(username=username, email=email, organisation=organisation)
        user.set_password(password)
        user.save(using=self.db)
        return user
    def create_superuser(self, username, email, password):
        user = self.model(username=username, email=self.normalize_email(email))
        user.set_password(password)
        user.is_superuser = True
        user.is_staff = True
        user.save(using=self.db)
        return user

class MyUser(AbstractBaseUser):
    username = models.CharField(max_length=256,unique=True)
    email = models.EmailField(max_length=256)
    organisation = models.ForeignKey(Organisation,on_delete=models.CASCADE,null=True)

    is_staff = models.BooleanField(default=False)
    
    USERNAME_FIELD = "username"
    REQUIRED_FIELDS = ['email']
    objects = MyUserManager()

    def __str__(self):
        return self.username

    def has_perm(self, perm, obj=None):
        return True

    def has_module_perms(self, app_label):
        return True

#forms.py

class MyUserForm(forms.ModelForm):
    class Meta():
        model = models.MyUser
        fields = ('username','email','password','organisation')

class MyUserLoginForm(forms.ModelForm):
    password=forms.CharField(label="password",widget=forms.PasswordInput)

    class Meta:
        model=models.MyUser
        fields=("username","email","password","organisation")

#views.py

class indexPage(TemplateView):
    template_name = 'accounts/inner_index.html'

class Create_Organisation(CreateView):
    model = models.Organisation
    fields = ('__all__')
    template_name  = 'accounts/organisation_form.html'
    success_url = reverse_lazy("accounts:inner_index")

class Create_Accounts(CreateView,LoginRequiredMixin):
    model = models.MyUser
    form_class = forms.MyUserForm
    template_name = 'accounts/create_account.html'
    success_url = reverse_lazy("accounts:inner_index")




class LoginPageView(View):
    template_name = 'accounts/login_account.html'
    form_class = forms.MyUserLoginForm

    def get(self, request):
        form = self.form_class()
        message = ''
        return render(request, self.template_name, context={'form': form, 'message': message})

    def post(self, request):
        form = self.form_class(request.POST)
        if form.is_valid():
            user = authenticate(
                username=form.cleaned_data['username'],
                email = form.cleaned_data['email'],
                password=form.cleaned_data['password'],
                organisation = form.cleaned_data['organisation'],
            )
            if user:
                login(request, user)
                return redirect('/accounts/')
        message = 'Login failed!'
        return render(request, self.template_name, context={'form': form, 'message': message})

#urls.py

app_name = "accounts"

urlpatterns = [
    path('',views.indexPage.as_view(),name  = 'inner_index'),
    path('create_organisation/',views.Create_Organisation.as_view(),name='create_organisation'),
    path('create_account/',views.Create_Accounts.as_view(),name='create_account'),
    path('login_account/',views.LoginPageView.as_view(),name = 'login'),
    path('login_test/',views.Login_Test.as_view(),name='login_test'),
]

#login_account.html

{% extends 'base.html' %}
{% load bootstrap3 %}
{% block body_block %}
<form method="POST">
  <h1>LOGIN</h1>
  {% csrf_token %}
  {% bootstrap_form form %}
  <input type="submit" name="" value="Login">
</form>

{% endblock %}

#settings.py

AUTH_USER_MODEL = 'accounts.MyUser'
LOGIN_REDIRECT_URL = '/accounts/login_account'

Solution

  • There is one major issue in your code. That is by using a generic CreateView to create your users it will not use your manager thus will not hash the password, so you need to override it:

    views.py

    class Create_Accounts(CreateView,LoginRequiredMixin):
        model = models.MyUser
        form_class = forms.MyUserForm
        template_name = 'accounts/create_account.html'
        success_url = reverse_lazy("accounts:inner_index")
    
        def post(self, request, *args, **kwargs):
            form = self.form_class(request.POST)
            if form.is_valid():
                self.model.objects.create_user(**form.cleaned_data)
            return redirect('accounts:login')
    

    But, your main problem is because you are trying to validate a form with your login data, that is why you get username already exists. Because ModelForm will try to validate the username which is supposed to by `unique:

    models.py (snippet)

    class MyUser(AbstractBaseUser):
        username = models.CharField(max_length=256,unique=True)
        ...
    

    Also, organisation and email are not required for the default authentication backend (The form still usefull to easily render components tho):

    views.py

    class LoginPageView(View):
        ...
    
        def get(self, request):
            ...
    
        def post(self, request):
            credentials = {
            'username': request.POST.get('username'),
            'password': request.POST.get('password')
            }
            user = authenticate(**credentials)
    
            if user:
                login(request, user)
                return redirect('/accounts/')
    
            message = 'Login failed!'
            return render(request, self.template_name, context={'message': message})