use random rather than unusable so they can be reset

8a18b2c3 · e0d · 6e7d4cef · 8a18b2c3
Commit 8a18b2c3 authored Jul 14, 2016 by e0d
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 2 deletions

common/djangoapps/student/management/commands/manage_user.py
+5 -2

No files found.
--- a/common/djangoapps/student/management/commands/manage_user.py
+++ b/common/djangoapps/student/management/commands/manage_user.py
@@ -4,7 +4,7 @@ Django users, set/unset permission bits, and associate groups by name.
 """

 from django.contrib.auth import get_user_model
-from django.contrib.auth.models import Group
+from django.contrib.auth.models import Group, BaseUserManager
 from django.core.management.base import BaseCommand, CommandError
 from django.db import transaction
 from django.utils.translation import gettext as _
@@ -81,7 +81,10 @@ class Command(BaseCommand):
        )

        if created:
-            user.set_unusable_password()
+            # Set the password to a random, unknown, but usable password
+            # allowing self-service password resetting.  Cases where unusable
+            # passwords are required, should be explicit, and will be handled below.
+            user.set_password(BaseUserManager().make_random_password(25))
            self.stderr.write(_('Created new user: "{}"').format(user))
        else:
            # NOTE, we will not update the email address of an existing user.