{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 疯言疯语 的问题《integrate django password validators with django r》','https://www.manongdao.com/q-213737.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I'm trying to integrate django validators 1.9 with django rest framework serializers. But the serialized 'user' (of django rest framework) is not compatible with the django validators.
Here is the serializers.py
import django.contrib.auth.password_validation as validators
from rest_framework import serializers
class RegisterUserSerializer(serializers.ModelSerializer):
password = serializers.CharField(style={'input_type': 'password'}, write_only=True)
class Meta:
model = User
fields = ('id', 'username', 'email, 'password')
def validate_password(self, data):
validators.validate_password(password=data, user=User)
return data
def create(self, validated_data):
user = User.objects.create_user(**validated_data)
user.is_active = False
user.save()
return user
I managed to get MinimumLengthValidator and NumericPasswordValidator correct because both function validate don't use 'user' in validating. Source code is here
Excerpt from django source code:
def validate(self, password, user=None):
if password.isdigit():
raise ValidationError(
_("This password is entirely numeric."),
code='password_entirely_numeric',
)
For other validators like UserAttributeSimilarityValidator, the function uses another one argument 'user' in validating ('user' is django User model, if I'm not wrong)
Excerpt from django source code:
def validate(self, password, user=None):
if not user:
return
for attribute_name in self.user_attributes:
value = getattr(user, attribute_name, None)
How can I change serialized User into what django validators(UserAttributeSimilarityValidator) can see
Excerpt from django source code:
def validate(self, password, user=None):
if not user:
return
for attribute_name in self.user_attributes:
value = getattr(user, attribute_name, None)
if not value or not isinstance(value, string_types):
continue
Edit
Django Rest Framework can get all of Django's built-in password validation (but it's like a hack). Here's a problem:
The validationError is like this
[ValidationError(['This password is too short. It must contain at least 8 characters.']), ValidationError(['This password is entirely numeric.'])]
The validation doesn't contain a field. Django rest framework see it as
{
"non_field_errors": [
"This password is too short. It must contain at least 8 characters.",
"This password is entirely numeric."
]
}
How can I inject a field at raise ValidationError
Like you mentioned, when you validate the
passwordinvalidate_passwordmethod usingUserAttributeSimilarityValidatorvalidator, you don't have theuserobject.What I suggest that instead of doing field-level validation, you shall perform object-level validation by implementing
validatemethod on the serializer:You can access the user object through
self.instanceon the serializer object, even when doing field-level validation. Something like this should work:At the time of creating new user(registration) then self.instance will be none, it will work when your are resting the password, change password or updating user data with password. But if you want to check the password should not be similar to your email or username then you need to include "SequenceMatcher" in your validation
Use Serializers! Have a
validate_fieldnamemethod!