mirror of https://github.com/django/django.git
Fixed #27045 -- Documented that AUTH_PASSWORD_VALIDATORS aren't applied at the model level.
This commit is contained in:
parent
176f27049e
commit
796cc62026
|
@ -461,11 +461,17 @@ meet the requirements, and optionally receive passwords that have been set.
|
||||||
Validators can also have optional settings to fine tune their behavior.
|
Validators can also have optional settings to fine tune their behavior.
|
||||||
|
|
||||||
Validation is controlled by the :setting:`AUTH_PASSWORD_VALIDATORS` setting.
|
Validation is controlled by the :setting:`AUTH_PASSWORD_VALIDATORS` setting.
|
||||||
By default, validators are used in the forms to reset or change passwords.
|
|
||||||
The default for the setting is an empty list, which means no validators are
|
The default for the setting is an empty list, which means no validators are
|
||||||
applied. In new projects created with the default :djadmin:`startproject`
|
applied. In new projects created with the default :djadmin:`startproject`
|
||||||
template, a simple set of validators is enabled.
|
template, a simple set of validators is enabled.
|
||||||
|
|
||||||
|
By default, validators are used in the forms to reset or change passwords and
|
||||||
|
in the :djadmin:`createsuperuser` and :djadmin:`changepassword` management
|
||||||
|
commands. Validators aren't applied at the model level, for example in
|
||||||
|
``User.objects.create_user()`` and ``create_superuser()``, because we assume
|
||||||
|
that developers, not users, interact with Django at that level and also because
|
||||||
|
model validation doesn't automatically run as part of creating models.
|
||||||
|
|
||||||
.. note::
|
.. note::
|
||||||
|
|
||||||
Password validation can prevent the use of many types of weak passwords.
|
Password validation can prevent the use of many types of weak passwords.
|
||||||
|
|
Loading…
Reference in New Issue