How can I convert plaintext password to django passwords when importing users?

Question

Im trying to setup a djangoproject to handle many users (20 k) .

Im importing the users from an excel file, where the users password is in plain-text (I know, this is bad!)

Im using https://github.com/bmihelac/django-import-export to do my importing, but the import function does not do any converting of the password.

What could I do to store the password correctly?

Answer 1

You can import this function directly from django:

from django.contrib.auth.hashers import make_password

and pass the raw password to it before saving.

Answer 2

You should hash your password before importing by overriding the method before_import_row

like this:

    from import_export import resources, fields
    from import_export.admin import ImportExportModelAdmin
    from django.contrib.auth.hashers import make_password

    class UserResource(resources.ModelResource):

       groups = fields.Field(
           column_name='group_name',
           attribute='groups',
           widget=ManyToManyWidget(Group, ',','name')
       )
       def before_import_row(self,row, **kwargs):
           value = row['password']
           row['password'] = make_password(value)
       class Meta:
           model = User