Can't login to django admin with superuser loaded via fixtures

Question

I added superuser via fixtures:

python manage.py loaddata data.json

Here my data.json:

    [
      {
        "pk": 1,
        "model": "auth.user",
        "fields": {
            "username": "admin",
            "first_name": "admin",
            "last_name": "admin",
            "is_active": true,
            "is_superuser": true,
            "is_staff": true,
            "groups": [],
            "user_permissions": [],
            "password": "admin",
            "email": "[email protected]"
        }
    }
    ]

Then I try to login to admin but had error:

"Please enter the correct username and password for a staff account. Note that both fields may be case-sensitive."

The output

dumpdata auth.user --indent 4 > output.json

show thet

[
{
    "pk": 1, 
    "model": "auth.user", 
    "fields": {
        "username": "admin", 
        "first_name": "admin", 
        "last_name": "admin", 
        "is_active": true, 
        "is_superuser": true, 
        "is_staff": true, 
        "last_login": "2017-09-17T13:01:51.009Z", 
        "groups": [], 
        "user_permissions": [], 
        "password": "admin", 
        "email": "[email protected]", 
        "date_joined": "2017-09-17T13:01:51.009Z"
    }
}
]

I use django1.6 and sqlite3

What i'm wrong?

Answer 1

Like all well-behaved web frameworks, Django stores passwords as hashes. Hashes are, by design, one-way: you cannot get a user's password from the stored hash.

I suspect that loaddata simply inserts data as-is into your database. The fact that dumpdata shows "password": "admin" confirms this. You won't be able to log in as a user created that way since no password will ever hash to "admin".

The best solution is probably to create an admin user with your desired password via createsuperuser, then use dumpdata to generate your fixture. createsuperuser will take care of hashing your password. You should see a long, random-looking string in the password field.