72

Hi I am using the django model class with some field and a password field. Instead of displaying regular plain text I want to display password input. I created a model class like this:

class UserForm(ModelForm):
    class Meta:
        password = forms.CharField(widget=forms.PasswordInput)
        model = User
        widgets = {
            'password': forms.PasswordInput(),
        }

But i am getting the following error: NameError: name 'forms' is not defined.

I am using django version 1.4.0. I followed this link : Django password problems

Still getting the same error. What should i do. Where am i getting wrong.Please help

Brambor
  • 604
  • 1
  • 8
  • 25
Dar Hamid
  • 1,949
  • 4
  • 21
  • 27
  • I tried to use PasswordInput as the field definition, which didn't work. The `widget=forms.PasswordInput` did the trick for me making my form work. – anno1337 Jul 28 '14 at 11:19

11 Answers11

95

The widget needs to be a function call, not a property. You were missing parenthesis.

class UserForm(ModelForm):
    password = forms.CharField(widget=forms.PasswordInput())
    class Meta:
        model = User
Burhan Khalid
  • 169,990
  • 18
  • 245
  • 284
  • Are the parenthesis really necessary? You just fix the PasswordInput field during initialisation instead of creating them again for every UserForm. – blacklwhite Jan 21 '14 at 08:59
  • 2
    Not true, Django specifically handles this with `if isinstance(widget, type): widget = widget()` – kibibu Feb 03 '14 at 05:03
  • why does django create text field for password? its obvious to have a Password field for the password input? – A.J. Mar 21 '14 at 06:37
  • 2
    A field in django forms is not the same as a field in HTML forms. The field in HTML forms is the same as the _widget_ in django forms. – Burhan Khalid Mar 21 '14 at 09:03
59

You need to include the following in your imports;

from django import forms
SleepyCal
  • 5,739
  • 5
  • 33
  • 47
DrTyrsa
  • 31,014
  • 7
  • 86
  • 86
  • 1
    I tried that too...i am not getting any error now. but getting same text input for password field. also voting the question down will not solve my problem. – Dar Hamid Feb 17 '12 at 07:37
  • I appreciate your answer. But i havnt missed any parenthesis or so. Also i have put name of password field in model class same as that in the modelForm.Thanks any way – Dar Hamid Feb 17 '12 at 07:48
18

Why not just create your own password field that you can use in all your models.

from django import forms 

class PasswordField(forms.CharField):
    widget = forms.PasswordInput

class PasswordModelField(models.CharField):

    def formfield(self, **kwargs):
        defaults = {'form_class': PasswordField}
        defaults.update(kwargs)
        return super(PasswordModelField, self).formfield(**defaults)

So now in your model you use

password = PasswordModelField()
Karol Jochelson
  • 291
  • 2
  • 4
14

@DrTyrsa is correct. Don't forget your parentheses.

from django.forms import CharField, Form, PasswordInput

class UserForm(Form):
    password = CharField(widget=PasswordInput())
Keith
  • 9,278
  • 1
  • 15
  • 7
5

I did as a follow without any extra import

from django import forms
class Loginform(forms.Form):
    attrs = {
        "type": "password"
    }
    password = forms.CharField(widget=forms.TextInput(attrs=attrs))

The idea comes form source code: https://docs.djangoproject.com/en/2.0/_modules/django/forms/fields/#CharField

Egalicia
  • 683
  • 9
  • 17
4

Since this question was asked a couple years ago, and it is well indexed on search results, this answer might help some people coming here with the same problem but be using a more recent Django version.

I'm using Django 1.11 but it should work for Django 2.0 as well.

Taking into account that you using a model user I will assume that you are using the default User() model from Django.

Since the User() model already has a password field, we can just add a widget to it.

from django import forms
from django.contrib.auth.models import User

# also, it will work with a custom user model if needed.
# from .models import User


class UserRegistrationForm(forms.ModelForm):

    class Meta:
        model = User
        fields = ['username', 'password']

        widgets = {
            # telling Django your password field in the mode is a password input on the template
            'password': forms.PasswordInput() 
        }

Check the docs

I'm fairly new to Django, if my answer was not accurate enough, please let us know, I'd be happy to edit it later on.

Jesus Lemus
  • 41
  • 3
  • This is great to protect newly typed passwords from being displayed. However be aware that this does still leak existing passwords; a user can just "view source" and see the unobscured password in the HTML. – Nexus Jun 21 '19 at 02:13
  • @Nexus so there’s another way? Also I dont see any of the form inputs on viewing source or inspecting not sure how you are seeing them? – West Dec 02 '19 at 19:20
2

** Try to use this **

password1 = forms.CharField(widget=forms.PasswordInput(attrs={
    'class': 'input-text with-border', 'placeholder': 'Password'}))
password2 = forms.CharField(widget=forms.PasswordInput(attrs={
    'class': 'input-text with-border', 'placeholder': 'Repeat Password'}))
Muzaffar
  • 51
  • 1
  • 7
0

It's very simple.

You should get password form field out of Meta class.

minmaxavg
  • 686
  • 6
  • 21
0

What was written by the OP at password = forms.Charfield(widget=forms.PasswordInput) was correct. It just does not belong in the class Meta: section. Instead, it should be above it, indented one level below class UserForm....

tituszban
  • 4,797
  • 2
  • 19
  • 30
Fr George
  • 23
  • 9
0

The solutions above works if the field is nullable. Using render_value will render the password into the input field and show the value as asterix placeholders.

Attention: This is great if you simply want to hide the password from users, but the password will be readable by using javascript.

class UserForm(forms.ModelForm):
    class Meta:
        model = Org
        fields = '__all__'

        widgets = {
            'password': forms.PasswordInput(render_value=True),
        }

Edit:

Found a better solution without exposing the current password. PASSWORD_ASTERIX_PLACEHOLDER will be set as value when loading the input. Before saving the model, it reverts the value to the old one if a user is not setting an explicit new password.

FormInput:

class PrefilledPasswordInput(PasswordInput):
    PASSWORD_ASTERIX_PLACEHOLDER: str = 'hidden-password'

    def __init__(self, attrs: dict = None, *args, **kwargs):
        if not attrs:
            attrs = {}
        attrs.setdefault('value', PrefilledPasswordInput.PASSWORD_ASTERIX_PLACEHOLDER)
        super().__init__(attrs=attrs, *args, **kwargs)

ModelField:

class PasswordCharField(models.CharField):
    def to_python(self, value):
        return super().to_python(value)

    def pre_save(self, model_instance, add):
        attr_name = self.get_attname()

        if not add:
            # Reset to old value if matching with PASSWORD_ASTERIX_PLACEHOLDER
            old_instance = self.model.objects.get(id=model_instance.id)
            current_value: str = getattr(model_instance, attr_name)
            if current_value == PrefilledPasswordInput.PASSWORD_ASTERIX_PLACEHOLDER:
                old_value: str = getattr(old_instance, attr_name)
                setattr(model_instance, attr_name, old_value)

        return super().pre_save(model_instance, add)

Your admin-(form):

class UserForm(forms.ModelForm):
    class Meta:
        model = Org
        fields = '__all__'

        widgets = {
            'password': PrefilledPasswordInput(),
        }

Your model:

class User(SomeBaseModel):
    ...
    password = PasswordCharField(max_length=32, null=False, blank=False)
Tobias Ernst
  • 4,214
  • 1
  • 32
  • 30
0
from django import forms

class loginForm(forms.Form):
    username = forms.CharField(
        widget=forms.TextInput(attrs={'class': 'form-control', 'placeholder': 'Enter Your userName'}))

    password = forms.CharField(
        widget=forms.PasswordInput(attrs={'class': 'form-control', 'placeholder': 'please enter password'}))
saeed sahoor
  • 111
  • 1
  • 4