i have 2 django application and i want importing users with passwords to another application when i do this, i have problem for login imported users cant login Note : i have custom user model this 2 application have SAME SECRET_KEY and here is my login code

        GetDomain = Domains.objects.filter(domain=get_domain(HTTP_HOST=request.META['HTTP_HOST'])).first()
        Email = request.POST.get('mail', None)
        raw_password = request.POST.get('pass', None)
        recaptcha_response = request.POST.get('g-recaptcha-response', None)
        if Email is None:
            return HttpResponse(ajax_result(Code=200, message='ایمیل خالی است'))
        if raw_password is None:
            return HttpResponse(ajax_result(Code=200, message='پسورد خالی است'))
        if recaptcha_response is None:
            return HttpResponse(ajax_result(Code=200, message='کد امنیتی را وارد کنید'))

        GetUser = User.objects.filter(email=Email).first()

        if GetUser is not None and GetUser.is_active:
            if GetUser.aff != GetDomain.UseBy.username:
                return HttpResponse(ajax_result(Code=200, message='کاربر یافت نشد'))

            if RecaptchaValidator(recaptcha_response):
                if not GetUser.is_superuser and not GetUser.is_staff:
                    DeleteLastSessions(GetUser)
                user = authenticate(username=GetUser.username, password=raw_password)
                try:
                    login(request, user)
                except AttributeError:
                    return HttpResponse(ajax_result(message='اطلاعات ورود اشتباه است'))
                GetUser.Browser = request.META['HTTP_USER_AGENT']
                GetUser.IsLogin = True
                GetUser.LastLoginIP = GetIP(request)
                GetUser.save()
                if GetUser.is_superuser or GetUser.is_staff:
                    SubmitLog(user=request.user, Part='ورود به پنل', Number=None, Information=None,
                              IP=GetIP(request))
                threading.Thread(target=WriteUserExtraInformation, args=(request, GetUser,), name='WI').start()
                if GetUser.NeedVerify:
                    Context = '{"result" : "ok", "data": {"url":"/tickets/send?verify=1"}}'
                else:
                    if 'next' in request.GET.keys():
                        Context = '{"result" : "ok", "data": {"url":"'   request.GET['next']   '"}}'
                    else:
                        Context = '{"result" : "ok", "data": {"url":"/profile/"}}'
                response = HttpResponse(Context)
                response.set_cookie('app', 'True', secure=True)
                return response
            else:
                return HttpResponse(ajax_result(message='کد امنیتی درست وارد نشده'))
        else:
            return HttpResponse(ajax_result(message='اطلاعات ورود اشتباه است'))

Soved :

its because iterations of PBKDF2PasswordHasher in django old version is : 216000 and new version iterations is : 320000 i add this code and solved !

Password = GetUser.password
if Password.split('$')[1] == '320000':
    try:
        login(request, user)
    except AttributeError:
        return HttpResponse(ajax_result(message='auth faild'))
else:
    GetUser.set_password(raw_password=raw_password)
    GetUser.save()
    GetUser = User.objects.filter(username=GetUser.username).first()
    user = authenticate(username=GetUser.username, password=raw_password)
    try:
        login(request, user)
    except AttributeError:
        return HttpResponse(ajax_result(message='auth faild'))

CodePudding user response：

imported users hash passwords is : pbkdf2_sha256$216000$E85jHHVRM2dF$hUSxY0ih7ijkLBpey6OuyitF5y5LuuMKWdcV4zwE6Zk=

new users hash password is : pbkdf2_sha256$320000$G8JV9BEtb5XbMyZmjcTBir$5jWXFmtE9hOKTkpPf bvSXpa/LRa b0c1OY3QryFP0Q=

CodePudding user response：

its because iterations of PBKDF2PasswordHasher in django old version is : 216000 and new version iterations is : 320000 i change my code if iterations is 216000 reset password and done !