#15371: createsuperuser with --noinput creates users with empty password
-----------------------------+----------------------------------------------
Reporter: yishaibeeri | Owner: nobody
Status: new | Milestone: 1.3
Component: Authentication | Version: SVN
Keywords: createsuperuser | Triage Stage: Unreviewed
Has patch: 1 |
-----------------------------+----------------------------------------------
As of [14053], empty passwords are allowed by the contrib.auth User model
and helper functions.
As a side effect, when running the createsuperuser management command in
non-interactive mode, the created superuser is given the (valid) empty
password. However, the usage string displayed when running
{{{createsuperuser --help}}} promises that the user will be created with
{{{auth.models.UNUSABLE_PASSWORD}}}.
IMHO, the previous behavior (create the user with UNUSABLE_PASSWORD) is
the correct one - I'm attaching a patch that fixes this.
If the new, empty-password behavior, is decided to be the right one, then
the usage string for createsuperuser should be fixed to reflect that.
Also see https://groups.google.com/group/django-
developers/browse_thread/thread/36da4515d621fb78/e07fa8b7b876bea5
--
Ticket URL: <http://code.djangoproject.com/ticket/15371>
Django <http://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en.
