Arun S <arun....@gmail.com> writes: > Hi , > > I have a small issue with the Validation of Passwords in the Change Password > Page. > > Due to certain different requirements, i have written my own Custom Forms for > Change Password. > > Now in this, I would want to first Validate the Old Password Field with the > Current Users Password. > > The Problem i am facing here is that the OldPassword Field provides me a > Password in Raw String Format. > But the user.password returns a Hashed Output of the Users Password > > And for obvious Reasons, the Validation fails between OldPassword and the > User.Password. > > In many forums i checked that the Reverse way to get the Passed from the > Hashed Values is not possible. > So my only way to do this validation is through Encrypting the OldPassword > and then Comparing the Hash. > But i am not sure how to do that. > > Can some one please tell me how is this possible to achieve and what are the > Apis that i can use to get the Password to be compared. > > Arun.
The easiest way is to authenticate the user using the password from the form. It will return the user object if the password was correct, or None if it wasn't. For more information and an example see the docs: https://docs.djangoproject.com/en/1.9/topics/auth/default/#auth-web-requests -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/m2lh377qt0.fsf%400zb9ja0m9c.com. For more options, visit https://groups.google.com/d/optout.
