Overview
The reset_admin_password management command resets the password for the admin user to match the password defined in the ADMIN_PASSWORD setting. This is useful when deploying to different environments or when the admin password needs to be synchronized with environment configuration.
This command is automatically called by reset_demo after reloading initial data to ensure the admin account is accessible.
Usage
python manage.py reset_admin_password
Command Arguments
This command does not accept any arguments or options.
Configuration
The command reads the password from Django settings:
The password to set for the admin user. This should be defined in your Django settings file or environment variables.# settings.py
ADMIN_PASSWORD = os.environ.get('ADMIN_PASSWORD', 'changeme')
What It Does
The command performs a simple operation:
Find Admin User
Looks up the user with username “admin” in the database
Set Password
Updates the admin user’s password to match settings.ADMIN_PASSWORD using Django’s secure password hashing
Save Changes
Saves only the password field to the database
Examples
Basic Usage
python manage.py reset_admin_password
With Environment Variable
# Set password via environment variable
export ADMIN_PASSWORD="my-secure-password-123"
# Reset password
python manage.py reset_admin_password
# Test login
python manage.py shell -c "from django.contrib.auth import authenticate; print(authenticate(username='admin', password='my-secure-password-123'))"
In Deployment Script
#!/bin/bash
# deploy.sh
set -e
# Load environment configuration
source .env
# Run migrations
python manage.py migrate
# Reset admin password from .env file
python manage.py reset_admin_password
# Start server
python manage.py runserver
Source Code Location
bakerydemo/base/management/commands/reset_admin_password.py
Implementation
The command is straightforward:
from django.conf import settings
from django.contrib.auth.models import User
from django.core.management.base import BaseCommand, CommandError
class Command(BaseCommand):
def handle(self, **options):
try:
admin_user = User.objects.get(username="admin")
except User.DoesNotExist:
raise CommandError("Cannot find admin user.")
admin_user.set_password(settings.ADMIN_PASSWORD)
admin_user.save(update_fields=["password"])
Error Handling
Admin User Not Found
If the admin user doesn’t exist in the database:
django.core.management.base.CommandError: Cannot find admin user.
load_initial_data command. Run that first:
python manage.py load_initial_data
python manage.py reset_admin_password
Missing ADMIN_PASSWORD Setting
If ADMIN_PASSWORD is not defined in settings:
AttributeError: 'Settings' object has no attribute 'ADMIN_PASSWORD'
# settings.py
import os
ADMIN_PASSWORD = os.environ.get('ADMIN_PASSWORD', 'changeme')
Security Considerations
Password Security:
- Never commit
ADMIN_PASSWORD values to version control
- Use strong, randomly generated passwords in production
- Store passwords in environment variables or secret management systems
- Rotate admin passwords regularly
Recommended Configuration
Development (.env.local)
Production (Environment Variables)
# Use secret management or secure environment variables
ADMIN_PASSWORD=$(openssl rand -base64 32)
Settings Configuration
# settings.py
import os
from pathlib import Path
# Load from environment with validation
ADMIN_PASSWORD = os.environ.get('ADMIN_PASSWORD')
if not ADMIN_PASSWORD:
if DEBUG:
ADMIN_PASSWORD = 'changeme' # Development default
else:
raise ValueError("ADMIN_PASSWORD must be set in production")
Use Cases
Environment Synchronization
When deploying to multiple environments (dev, staging, production), each can have its own admin password:
# development.env
ADMIN_PASSWORD=dev_password_123
# staging.env
ADMIN_PASSWORD=staging_secure_456
# production.env
ADMIN_PASSWORD=prod_very_secure_789
Automated Testing
In CI/CD pipelines, set a known password for automated tests:
# .github/workflows/test.yml
steps:
- name: Run tests
env:
ADMIN_PASSWORD: test_password
run: |
python manage.py reset_admin_password
python manage.py test
Password Recovery
If you forget the admin password, reset it via the command:
# Update .env file
echo "ADMIN_PASSWORD=new_password_123" >> .env
# Load environment and reset
source .env
python manage.py reset_admin_password
# Now login with new password
Integration with Other Commands
This command is automatically called by:
reset_demo: After reloading data to ensure password matches environment
# In reset_demo command
call_command('load_initial_data')
call_command('reset_admin_password') # Ensure password is correct
Admin User Details
The admin user created by initial data:
- Username:
admin
- Email: Defined in fixture data
- Permissions: Superuser with all permissions
- Password: Set via
ADMIN_PASSWORD setting
Alternative Methods
Django changepassword Command
Django provides a built-in interactive command:
python manage.py changepassword admin
Django Shell
Manually reset via Django shell:
from django.contrib.auth.models import User
admin_user = User.objects.get(username='admin')
admin_user.set_password('new_password')
admin_user.save()
Wagtail Admin
Reset via the Wagtail admin interface (if you have access):
- Login to
/admin/
- Go to Settings → Users
- Edit the admin user
- Set new password
Best Practices
- Use Environment Variables: Store
ADMIN_PASSWORD in environment, not code
- Different Passwords: Use different passwords per environment
- Strong Passwords: Generate random, strong passwords for production
- Document Access: Keep secure record of admin credentials
- Regular Rotation: Change admin password periodically
- Audit Access: Monitor admin login attempts
See Also
