Ensure default password for TigaUser

Author: epou

tigaserver_app/migrations/0087_alter_tigauser_password.py

@@ -0,0 +1,19 @@
+# Generated by Django 3.2.25 on 2025-10-28 14:49
+
+from django.db import migrations, models
+import tigaserver_app.models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('tigaserver_app', '0086_auto_20251016_1353'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='tigauser',
+            name='password',
+            field=models.CharField(default=tigaserver_app.models.get_default_password_hash, max_length=128, verbose_name='password'),
+        ),
+    ]

tigaserver_app/models.py

@@ -19,6 +19,7 @@
 
 from django.conf import settings
 from django.contrib.auth import get_user_model
+from django.contrib.auth.hashers import make_password
 from django.contrib.auth.models import AbstractBaseUser, AnonymousUser
 from django.contrib.gis.db import models
 from django.contrib.gis.db.models.functions import Distance as DistanceFunction
@@ -170,14 +171,17 @@ class RankingData(models.Model):
     score_v2 = models.IntegerField()
     last_update = models.DateTimeField(help_text="Last time ranking data was updated", null=True, blank=True)
 
+def get_default_password_hash():
+    return make_password(settings.DEFAULT_TIGAUSER_PASSWORD)
+
 class TigaUser(UserRolePermissionMixin, AbstractBaseUser, AnonymousUser):
     AVAILABLE_LANGUAGES = [
         (standarize_language_tag(code), Language.get(code).autonym().title()) for code, _ in settings.LANGUAGES
     ]
 
     USERNAME_FIELD = 'pk'
 
-    password = models.CharField(_('password'), max_length=128, null=True, blank=True)
+    password = models.CharField(_('password'), max_length=128, default=get_default_password_hash)
 
     user_UUID = models.CharField(max_length=36, primary_key=True, default=uuid.uuid4, editable=False, help_text='UUID randomly generated on '
                                                                             'phone to identify each unique user. Must be exactly 36 '

tigaserver_app/tests/tests.py

@@ -2460,6 +2460,9 @@ def setUp(self):
         self.global_topic = NotificationTopic.objects.create(topic_code='global')
         self.language_topic = NotificationTopic.objects.create(topic_code='en')
 
+    @override_settings(
+        DEFAULT_TIGAUSER_PASSWORD='DEFAULT_PASSWORD_FOR_TESTS'
+    )
     def test_POST_new_user(self):
         self.client.force_authenticate(user=self.mobile_user)
         new_user_uuid = uuid.uuid4()
@@ -2482,6 +2485,8 @@ def test_POST_new_user(self):
 
         user = TigaUser.objects.get(pk=str(new_user_uuid))
 
+        self.assertTrue(user.check_password('DEFAULT_PASSWORD_FOR_TESTS'))
+
         # Check if the user is subscribed to the global topic
         self.assertTrue(UserSubscription.objects.filter(user=user, topic=self.global_topic).exists())
 

tigaserver_project/settings.py

@@ -32,6 +32,9 @@
 
 SECRET_KEY = 'h0v(25z3u9yquh+01+#%tj@7iyk*raq!-6)jwz+0ac^h2grd0@'
 
+# Change this in prod
+DEFAULT_TIGAUSER_PASSWORD = 'TEST_PASSWORD'
+
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = False