Merge pull request #12999 from edx/e0d/random-passwords

use random rather than unusable so they can be reset
2016-07-20 09:28:26 -04:00
parent 9d747fa65c 8a18b2c351
commit 95800be01f
1 changed files with 5 additions and 2 deletions
--- a/common/djangoapps/student/management/commands/manage_user.py
+++ b/common/djangoapps/student/management/commands/manage_user.py
@@ -4,7 +4,7 @@ Django users, set/unset permission bits, and associate groups by name.
 """

 from django.contrib.auth import get_user_model
-from django.contrib.auth.models import Group
+from django.contrib.auth.models import Group, BaseUserManager
 from django.core.management.base import BaseCommand, CommandError
 from django.db import transaction
 from django.utils.translation import gettext as _
@@ -81,7 +81,10 @@ class Command(BaseCommand):
        )

        if created:
-            user.set_unusable_password()
+            # Set the password to a random, unknown, but usable password
+            # allowing self-service password resetting.  Cases where unusable
+            # passwords are required, should be explicit, and will be handled below.
+            user.set_password(BaseUserManager().make_random_password(25))
            self.stderr.write(_('Created new user: "{}"').format(user))
        else:
            # NOTE, we will not update the email address of an existing user.