1

I have a custom User model with email as username. I have encrypted the email field to be in conformity with GPDR (I will hold a lot of personal information). I have added a email_hash field with index on it for the database to be able to retrieve immediately user. I have modified get_natural_key of my user object manager to use the hash for retrieve.

But now i face a problem I have to disable the uniqueness on field email (username field) but Django don't let me do it when i try to makemigrations.

myuser.MyUser: (auth.E003) 'MyUser.email' must be unique because it is named as the 'USERNAME_FIELD'.

Otherwise, I want the uniqueness error to be fired on email field and not on email_hash field ....

How to have functional encrypted email field as user and stored hash for index ?

edit: I have disable uniqueness check on email field and added SILENCED_SYSTEM_CHECKS = ["auth.E003"] in settings.

Now my problem is to have uniqueness error of email_hash rendered as email error to have "A user with that email address already exists." message displayed on correct forms and django rest framework serializer field.

Stygmate
  • 61
  • 2
  • 5
  • To clarify: you are storing the user email and hash of the user's email? And you removed the username field? – dyz May 11 '19 at 14:19
  • Why do you need to disable uniqueness on the email field? What are you storing in it? – dyz May 11 '19 at 14:19
  • I'm storing encrypted version of email using Django-Cryptography https://github.com/georgemarshall/django-cryptography the encrypt and decrypt happen django side so this is not indexable anymore. This lib disable a lot of lookups. This is why i added a hash field. And yes i removed the username field. – Stygmate May 11 '19 at 14:25
  • Can you specify exactly what is in each of these fields and their relationships please: username, email, email_hash – dyz May 11 '19 at 14:30
  • username is deleted. email is a binary encrypted version of the email of the user. email_hash is a char with a value computed with PBKDF2PasswordHasher. – Stygmate May 11 '19 at 14:32
  • check the edited version of my question. – Stygmate May 11 '19 at 14:51
  • What's wrong with setting `db_index=True` on `email_hash`? (this implies `unique=True`) – dyz May 12 '19 at 11:02
  • it's not the problem my problem is to have uniqueness error of email_hash returned on email field for forms to display message like "a user with this email already exist". I have resolved this by overiding validate_unique of model and modifying ValidationError.error_dict... So resolved. – Stygmate May 13 '19 at 12:05

0 Answers0