I use the method defined in django documentaion:http://www.djangobook.com/en/beta/chapter12/ def login(request): m = members.get_object(username__exact=request.POST[‘username’]) if

Question

0

Asked: May 26, 20262026-05-26T12:54:56+00:00 2026-05-26T12:54:56+00:00

I use the method defined in django documentaion:http://www.djangobook.com/en/beta/chapter12/ def login(request): m = members.get_object(username__exact=request.POST[‘username’]) if

0

I use the method defined in django documentaion:http://www.djangobook.com/en/beta/chapter12/

def login(request):
    m = members.get_object(username__exact=request.POST['username'])
    if m.password == request.POST['password']:
        request.session['member_id'] = m.id
        return HttpResponse("You're logged in.")
    else:
        return HttpResponse("Your username and password didn't match.")

but that sounds like it doesn’t match the password correctly! I enter a valid username and password but it doesn’t find the user,when I remove this line,it works:

if m.password == request.POST['password']:

I think because that password is hashed,it doesn’t match with plain password that user enter in login form.

so,what should I do now?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-26T12:54:57+00:00

Editorial Team

2026-05-26T12:54:57+00:00Added an answer on May 26, 2026 at 12:54 pm

You should use user.check_password for this. The reason is that the password is stored hashed and you can not compare it directly like this.

P.S. Take a loot at how authentication backends work.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I use the method defined in django documentaion:http://www.djangobook.com/en/beta/chapter12/ def login(request): m = members.get_object(username__exact=request.POST[‘username’]) if

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply