From 47103df48a7c9de61f359bdbd0bba4235a1f92be Mon Sep 17 00:00:00 2001
From: Tom Hacohen
Date: Sat, 7 Nov 2020 18:58:29 +0200
Subject: [PATCH] Change user creation to not ask for a password (and clarify the readme).
---
 README.md | 7 +++----
 myauth/admin.py | 13 ++++++++++++-
 myauth/forms.py | 30 ++++++++++++++++++++++++++++++
 3 files changed, 45 insertions(+), 5 deletions(-)
 create mode 100644 myauth/forms.py
diff --git a/README.md b/README.md
index 0ecf52a..3a3f5fd 100644
--- a/README.md
+++ b/README.md
@@ -84,10 +84,9 @@ Create yourself an admin user: ``` At this stage you need to create accounts to be used with the EteSync apps. To do that, please go to:
-`www.your-etesync-install.com/admin` and create a new user to be used with the service. Set a random
-password for the user such as `j3PmCRftyQMtM3eWvi8f`. No need to remember it, as it won't be used.
-Etebase uses a zero-knowledge proof for authentication, so the user will just create a password when
-creating the account from the apps.
+`www.your-etesync-install.com/admin` and create a new user to be used with the service. No need to set
+a password, as Etebase uses a zero-knowledge proof for authentication, so the user will just create
+a password when creating the account from the apps.
 After this user has been created, you can use any of the EteSync apps to signup (or login) with the same username and email in order to set up the account. The password used at that point will be used to setup the account.
diff --git a/myauth/admin.py b/myauth/admin.py
index f91be8f..0ecde3f 100644
--- a/myauth/admin.py
+++ b/myauth/admin.py
@@ -1,5 +1,16 @@
 from django.contrib import admin
-from django.contrib.auth.admin import UserAdmin
+from django.contrib.auth.admin import UserAdmin as DjangoUserAdmin
 from .models import User
+from .forms import AdminUserCreationForm
+
+
+class UserAdmin(DjangoUserAdmin):
+ add_form = AdminUserCreationForm
+ add_fieldsets = (
+ (None, {
+ 'classes': ('wide',),
+ 'fields': ('username', ),
+ }),
+ )
 admin.site.register(User, UserAdmin)
diff --git a/myauth/forms.py b/myauth/forms.py
new file mode 100644
index 0000000..55f7299
--- /dev/null
+++ b/myauth/forms.py
@@ -0,0 +1,30 @@
+from django import forms
+from django.contrib.auth import get_user_model
+from django.contrib.auth.forms import UsernameField
+
+User = get_user_model()
+
+
+class AdminUserCreationForm(forms.ModelForm):
+ """
+ A form that creates a user, with no privileges, from the given username and
+ password.
+ """
+
+ class Meta:
+ model = User
+ fields = ("username",)
+ field_classes = {'username': UsernameField}
+
+ def __init__(self, *args, **kwargs):
+ super().__init__(*args, **kwargs)
+ if self._meta.model.USERNAME_FIELD in self.fields:
+ self.fields[self._meta.model.USERNAME_FIELD].widget.attrs['autofocus'] = True
+
+ def save(self, commit=True):
+ user = super().save(commit=False)
+ user.set_unusable_password()
+ if commit:
+ user.save()
+ return user
+
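Review bot: The new `UserAdmin` class overrides only the add path (`add_form`, `add_fieldsets`) and carries no comment saying why the password fields were dropped or what state a freshly created account is left in. As far as this hunk shows, the change form and password-change view inherited from `DjangoUserAdmin` are untouched, so an administrator can presumably still give one of these accounts a usable Django password later; if that is intended, it is worth stating. A class comment such as `# Users are created without a Django password (the add form marks it unusable); credentials are set by the Etebase client at signup.` would record the design for whoever edits this next.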
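Review bot: The docstring on `AdminUserCreationForm` still says the user is created "from the given username and password", but `Meta.fields` is `("username",)` and `save()` calls `set_unusable_password()`, so no password is ever taken. The wording looks carried over from Django's `UserCreationForm`; I would change it to `"""Create a user with no privileges from a username only; the account gets an unusable password."""`. A short comment above `user.set_unusable_password()`, for example `# No Django password: the account authenticates through Etebase, not the Django login`, would make clear that the omission is deliberate and not a forgotten field.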