Override Django Form.is_valid()

For this project I won’t be using Django’s built-in user authentication application. It’s a bit restrictive for my taste (but getting better in Django 1.5 from what I can tell).

One common use case is to validate the user’s username and password when logging in. Rather than place this logic within the view, it’s cleaner to override the default is_valid method with some additional logic that checks the password.

Here’s an example form with a username and password field. The username field allows either a username or email address, and I’m using Django’s built-in password hasher.


from django import forms
from app.models import User
from django.contrib.auth.hashers import check_password
from django.db.models import Q
class SignInForm(forms.Form):
username = forms.CharField(max_length=User._meta.get_field('email').max_length)
password = forms.CharField(min_length=6, max_length=16, widget=forms.PasswordInput())
go = forms.CharField(required=False, max_length=50, widget=forms.HiddenInput())
def is_valid(self):
# run the parent validation first
valid = super(SignInForm, self).is_valid()
# we're done now if not valid
if not valid:
return valid
# so far so good, get this user based on the username or email
user = User.objects.get(
Q(username=self.cleaned_data['username']) | Q(email=self.cleaned_data['username'])
# no user with this username or email address
except User.DoesNotExist:
self._errors['no_user'] = 'User does not exist'
return False
# verify the passwords match
if not check_password(self.cleaned_data['password'], user.password):
self._errors['invalid_password'] = 'Password is invalid'
return False
# all good
return True

view raw


hosted with ❤ by GitHub

You can then simply use form.is_valid() in your view:


if form.is_valid():
# … logic to login the user …
# redirect to a protected page
return HttpResponseRedirect(reverse('account'))

view raw


hosted with ❤ by GitHub

6 thoughts on “Override Django Form.is_valid()”

  1. How do you display the errors in the template?
    using ” {{ form.errors }} ” causes it to display errors like this “invalid_passwordPassword is invalid”

    1. You can display the errors for a specific field like this:

      {{ form.fieldname.errors }}

      You can optionally use striptags to remove any Django formatting:

      {{ form.fieldname.errors|striptags }}

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s