Django 'QuerySet' object has no attribute 'startswith'
Question:
I’m new to Django and I created function to allow admin to create users accounts. I used a password generator + make_password() function to hash the password.
Now it’s sending the plain password to users email and storing it in the database hashed, I used check_password() to compare but I’m getting this error:
‘QuerySet’ object has no attribute ‘startswith’
def user_login(request):
if request.method == "POST":
user_email = request.POST['user_email']
user_password = request.POST['user_password']
user_details = User.objects.filter(user_email=user_email).values()
hashed_pw = User.objects.filter(user_password=user_password).values()
check_password(user_password, hashed_pw)
if user_details:
request.session['logged_in'] = True
request.session['user_email'] = user_details[0]["user_email"]
request.session['u_id'] = user_details[0]["user_email"]
request.session['user_name'] = user_details[0]["user_name"]
request.session['u_type'] = "emp"
return HttpResponseRedirect('/user_index')
else:
return render(request, 'EmpLogin.html', {'msg': "0"})
else:
return render(request, 'EmpLogin.html')
User model:
class User(models.Model):
user_email = models.CharField(primary_key=True, max_length=100)
user_role_id = models.CharField(max_length=20)
user_password = models.CharField(max_length=20)
user_name = models.CharField(max_length=100)
user_avatar_path = models.CharField(max_length=300)
user_job_title = models.TextField(blank=True, null=True)
user_educ_qual = models.TextField(blank=True, null=True)
user_companies = models.TextField(blank=True, null=True)
class Meta:
managed = False
db_table = 'user'
Answers:
check_password is the User model’s method. To call the django check_password method you need the user object.
check_password(raw_password)ΒΆ
Returns True if the given raw string is the correct password for the user. (This takes care of the password hashing in making the comparison.)
try this
def user_login(request):
if request.method == "POST":
user_email = request.POST['user_email']
user_password = request.POST['user_password']
user_details = User.objects.filter(user_email=user_email).values()
hashed_pw = User.objects.filter(user_password=user_password).values()
user_object = User.objects.filter(user_email=user_email).last() # getting the user using email id
if user_object:
is_password_valid = user_object.check_password(user_password) # checking the user's password
print(is_password_valid)
if user_details:
request.session['logged_in'] = True
request.session['user_email'] = user_details[0]["user_email"]
request.session['u_id'] = user_details[0]["user_email"]
request.session['user_name'] = user_details[0]["user_name"]
request.session['u_type'] = "emp"
return HttpResponseRedirect('/user_index')
else:
return render(request, 'EmpLogin.html', {'msg': "0"})
else:
return render(request, 'EmpLogin.html')
def user_login(request):
if request.method == "POST":
user_email = request.POST['user_email']
user_password = request.POST['user_password']
user_details = User.objects.filter(user_email=user_email).first()
if user_details and check_password(user_password, user_details.user_password):
request.session['logged_in'] = True
request.session['user_email'] = user_details.user_email
request.session['u_id'] = user_details.user_email
request.session['user_name'] = user_details.user_name
request.session['u_type'] = "emp"
return HttpResponseRedirect('/user_index')
else:
return render(request, 'EmpLogin.html', {'msg': "0"})
else:
return render(request, 'EmpLogin.html')
I’m new to Django and I created function to allow admin to create users accounts. I used a password generator + make_password() function to hash the password.
Now it’s sending the plain password to users email and storing it in the database hashed, I used check_password() to compare but I’m getting this error:
‘QuerySet’ object has no attribute ‘startswith’
def user_login(request):
if request.method == "POST":
user_email = request.POST['user_email']
user_password = request.POST['user_password']
user_details = User.objects.filter(user_email=user_email).values()
hashed_pw = User.objects.filter(user_password=user_password).values()
check_password(user_password, hashed_pw)
if user_details:
request.session['logged_in'] = True
request.session['user_email'] = user_details[0]["user_email"]
request.session['u_id'] = user_details[0]["user_email"]
request.session['user_name'] = user_details[0]["user_name"]
request.session['u_type'] = "emp"
return HttpResponseRedirect('/user_index')
else:
return render(request, 'EmpLogin.html', {'msg': "0"})
else:
return render(request, 'EmpLogin.html')
User model:
class User(models.Model):
user_email = models.CharField(primary_key=True, max_length=100)
user_role_id = models.CharField(max_length=20)
user_password = models.CharField(max_length=20)
user_name = models.CharField(max_length=100)
user_avatar_path = models.CharField(max_length=300)
user_job_title = models.TextField(blank=True, null=True)
user_educ_qual = models.TextField(blank=True, null=True)
user_companies = models.TextField(blank=True, null=True)
class Meta:
managed = False
db_table = 'user'
check_password is the User model’s method. To call the django check_password method you need the user object.
check_password(raw_password)ΒΆ
Returns True if the given raw string is the correct password for the user. (This takes care of the password hashing in making the comparison.)
try this
def user_login(request):
if request.method == "POST":
user_email = request.POST['user_email']
user_password = request.POST['user_password']
user_details = User.objects.filter(user_email=user_email).values()
hashed_pw = User.objects.filter(user_password=user_password).values()
user_object = User.objects.filter(user_email=user_email).last() # getting the user using email id
if user_object:
is_password_valid = user_object.check_password(user_password) # checking the user's password
print(is_password_valid)
if user_details:
request.session['logged_in'] = True
request.session['user_email'] = user_details[0]["user_email"]
request.session['u_id'] = user_details[0]["user_email"]
request.session['user_name'] = user_details[0]["user_name"]
request.session['u_type'] = "emp"
return HttpResponseRedirect('/user_index')
else:
return render(request, 'EmpLogin.html', {'msg': "0"})
else:
return render(request, 'EmpLogin.html')
def user_login(request):
if request.method == "POST":
user_email = request.POST['user_email']
user_password = request.POST['user_password']
user_details = User.objects.filter(user_email=user_email).first()
if user_details and check_password(user_password, user_details.user_password):
request.session['logged_in'] = True
request.session['user_email'] = user_details.user_email
request.session['u_id'] = user_details.user_email
request.session['user_name'] = user_details.user_name
request.session['u_type'] = "emp"
return HttpResponseRedirect('/user_index')
else:
return render(request, 'EmpLogin.html', {'msg': "0"})
else:
return render(request, 'EmpLogin.html')