| « switching | Would this work? » |
Monday, November 16th, 2009
Case insensitive usernames in Django
Django's authenticate() method treats both username and password as case sensitive. Password HAS to be, because an uppercase password will not create the same hash as a lowercase password. That is understandable. But the username case sensitivity I don't get. Here is my solution. It requires an extra query to the DB, so if anyone can do this better without actually hacking Django, please let me know.
if loginform.is_valid():
#make usernames caseinsensitive
try:
u = User.objects.get(username__iexact=loginform.cleaned_data['username'])
username = u.username
except User.DoesNotExist:
username = loginform.cleaned_data['username']
user = authenticate(username=username,password=loginform.cleaned_data['password'])
what is happening here is i am querying the user table for a user whose username matches the provided username case insensitively. if there is one, use the actual stored username as the username passed to authenticate(). if there isn't one, just use the provided username, because they will get the same error message saying it doesn't exist.
any better ideas out there?
5:42pm by Brandon //5 comments 2509 views 5 comments
In my forms.py...
def clean_username(self):
username = self.cleaned_data['username']
unique = User.objects.filter(username__iexact=username)
if len(unique)>0:
raise ValidationError(u"User with this username already exists.")
if unique:
instead of
if len(unique) > 0:
import django.contrib.auth.views as django_views
def icase_login(request):
if request.method == 'POST':
__uname = request.POST.get('username','')
__try: user = User.objects.get(username__iexact = uname)
__except: user = None
__if user and user.username != uname: # need to fix the request
____qdict = request.POST.copy()
____qdict.__setitem__('username', user.username)
__request.POST = qdict # overwrite with the case sensitive name
return django_views.login(request)
Comment feed for this post