From de2bb73904009313bae3664ef71edfd60df9912b Mon Sep 17 00:00:00 2001 From: David D Lowe Date: Wed, 23 Oct 2024 18:20:36 +0100 Subject: [PATCH] Doc'd that unusable passwords are defined by metadata in the password field. --- docs/ref/contrib/auth.txt | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/docs/ref/contrib/auth.txt b/docs/ref/contrib/auth.txt index c8699a2913..103aff8e0b 100644 --- a/docs/ref/contrib/auth.txt +++ b/docs/ref/contrib/auth.txt @@ -54,7 +54,8 @@ Fields Required. A hash of, and metadata about, the password. (Django doesn't store the raw password.) Raw passwords can be arbitrarily long and can - contain any character. See the :doc:`password documentation + contain any character. The metadata in this field may mark the password + as unusable. See the :doc:`password documentation `. .. attribute:: groups @@ -175,8 +176,9 @@ Methods .. method:: set_unusable_password() - Marks the user as having no password set. This isn't the same as - having a blank string for a password. + Marks the user as having no password set by updating the metadata in + the :attr:`~django.contrib.auth.models.User.password` field. This isn't + the same as having a blank string for a password. :meth:`~django.contrib.auth.models.User.check_password()` for this user will never return ``True``. Doesn't save the :class:`~django.contrib.auth.models.User` object.