How to Hash Django user password in Django Rest Framework?

Question

I'm trying to create an API for my user registration using Django Rest Framework. I created a serializer by following the step from the api-guide

class CreateUserSerializer(serializers.ModelSerializer):
  class Meta:
    model = User
    fields = ('email', 'username', 'password')
    extra_kwargs = {'password': {'write_only': True}}

  def create(self, validated_data):
    user = User(
        email=validated_data['email'],
        username=validated_data['username']
    )
    user.set_password(validated_data['password'])
    user.save()
    return user

However, I keep getting the Invalid password format or unknown hashing algorithm. for my newly created user. I've tried to use make_password from django.contrib.auth.hashers, but I still can't resolve this issue.

Thanks

Answer 1

You can try it in this way

from django.contrib.auth.hashers import make_password

user = User.objects.create(
       email=validated_data['email'],
       username=validated_data['username'],
       password = make_password(validated_data['password'])
)

Answer 2

You can overwrite the perform_create method in CreateAPIView

from rest_framework.generics import CreateAPIView

class SignUpView(CreateAPIView):
    serializer_class = SignUpSerializers

    def perform_create(self, serializer):
        instance = serializer.save()
        instance.set_password(instance.password)
        instance.save()

Answer 3

In the serializer redefine the function create with this:

from django.contrib.auth.hashers import make_password

class UserSerializer(ModelSerializer):

    def create(self, validated_data):
        validated_data['password'] = make_password(validated_data['password'])
        return super(UserSerializer, self).create(validated_data)

And this all! :D

Answer 4

You could also use a field validation function for the password field by adding a validate_password method to your serializer and make it return the hash.

from rest_framework.serializers import ModelSerializer
from django.contrib.auth.hashers import make_password


class UserSerializer(ModelSerializer):
    class Meta:
        model = backend.models.User
        fields = ('username', 'email', 'password',)

    validate_password = make_password

Answer 5

You can do this in the views perform_create method:

from django.contrib.auth.hashers import make_password



def perform_create(self, instance):
        current_user = self.request.user
        user_exists = CustomUser.objects.filter(
            email=self.request.data['email']).first()
        if user_exists:
            raise MethodNotAllowed
        else:
            instance.save(is_active=False, is_confirmed=False,
                          password=make_password(self.request.data['password']))

Answer 6

Another simple solution is to use User.objects.create_user() in your create method like below

def create(self, validated_data):
    user = User.objects.create_user(**validated_data)
    return user

Answer 7

I know it's an old thread but i got this question today and i like to share my solution here.

You can define your serializer simple and like below:

class CreateUserSerializer(serializers.ModelSerializer):
    class Meta:
        model = User
        fields = ('email', 'username', 'password')
        extra_kwargs = {'password': {'write_only': True}}

on the other hand in your view you can override perform_create method as below:

class UserView(ViewSets.ModelViewSet):
    queryset = User.objects.all()
    serializer_class = UserCreateSerializer

    def perform_create(self , serializer):
        new_user = 
        User.objects.create(username=self.request.data.get("username"))
        new_user.set_password(self.request.data.get("password"))
        serializer.save(password=user.password)

in this way, you can pass extra information to serializer to save.