Checking password and validation of registration
def confirm_user(request): if request.method == 'POST': password = request.POST.get('check_pass', '') user = auth.authenticate(password=password) if user is not None: print("Есть совпадение") else: print("Нет совпадений") return render(request, 'check.html')
This is the case, we need to compare the injectable code to the database code.
- The method auth.authenticate is appropriate for this purpose?
- How is it better to arrange a test? To take into account the id user. And change the registration flag.
I am more grateful for constructive advice/response
The authenticate method is searching for a user on all the copying bills. Well, if you look at it, https://docs.djangoproject.com/en/dev/topics/auth/default/#authenticating-users you can see that by default, the username and password should be transferred to it.
I'm guessing you have some email in the database that is, like, a random line from the N symbols. You send a link to the user in the mail that contains this email_check_code, and for the user concerned, you record this value in the database. The user who passed this reference must see the message that his email is confirmed.
It is clear from the diagram that we have only email_check_code (and no password). That's why the authenticate method doesn't suit us.
Come on. It's easy to deal with. Let's say that you have set up some related user table and store two values - user and email_check_code, and the user will not confirm the email is_active = False. Accordingly, we need to check the email in the check_code, find this user and put him in the vuge = True. Well, to make it easier to remove this model's instas with the code (for the second time you didn't cross the same reference).
from django.contrib.auth import get_user_model from .models import EmailCodeModel
if request.method == 'POST':
code_instance = EmailCodeModel.objects.filter(email_check_code=request.GET.get('email_check_code')).first()
code_instance.user.is_active = True
# тут можно сделать, например, redirect на страницу успеха
return render(request, 'check.html')
Still not sure? Look how this works. https://github.com/macropin/django-registration/blob/master/registration/views.py#L80 ♪ Don't bother yourself with this and use this supplement - for simple registration and email confirmation, it's just what you need.