12

How to remove the password in the users table and User class in a custom user model?

I'm using django-rest-framework token authentication, so i don't need the password field.

Here is my model:

class CustomUserManager(BaseUserManager):

    def create_user(phone, name=None):
        return User.objects.create(
            name=name, phone=phone)

    def create_superuser(name, phone=None):
        pass

class User(AbstractBaseUser):
    """
    Custom django User model.
    """
    name = models.CharField(max_length=30,
                        null=True, validators=[validate_name])

    phone = PhoneNumberField(unique=True, blank=False, null=False)

    objects = CustomUserManager()

    USERNAME_FIELD = 'phone'
    REQUIRED_FIELDS = []
Anas Aldrees
  • 425
  • 1
  • 8
  • 16

2 Answers2

22

An alternative to removing the password field would be to use set_unusable_password, which marks the user as having no password set.

def create_user(phone, name=None):
    user = User(name=name, phone=phone)
    user.set_unusable_password()
    user.save()
    return user
Seonghyeon Cho
  • 171
  • 1
  • 3
  • 11
Alasdair
  • 298,606
  • 55
  • 578
  • 516
  • 1
    This, as it says in the docs .. "You may need this if authentication for your application takes place against an existing external source such as an LDAP directory." – Sayse Jan 21 '16 at 12:10
7

Just override the password attribute:

password = None
sean
  • 741
  • 2
  • 7
  • 14