Django Multi user field issue

[GCiTek Dev]

class User(AbstractBaseUser, PermissionsMixin):

id = models.UUIDField(primary_key=True, default=uuid.uuid4, editable=False)

email = models.EmailField(_('email address'), blank=True, null=True)

mobile = models.CharField(_('mobile'), unique=True, max_length=20)

first_name = models.CharField(_('first name'), max_length=30, blank=True)

last_name = models.CharField(_('last name'), max_length=30, blank=True)

date_joined = models.DateTimeField(_('date joined'), auto_now_add=True)

is_active = models.BooleanField(_('active'), default=True)

is_staff = models.BooleanField(_('staff'), default=True)

is_member = models.BooleanField(_('member'), default=False)

is_guest = models.BooleanField(_('guest'), default=True)

avatar = models.ImageField(upload_to='avatars/', null=True, blank=True)

role = models.CharField(_('role'), max_length=100, blank=True, null=True)

birth_date = models.DateField(null=True, blank=True)

gender = models.CharField(max_length=100, blank=True)

qrimage_url = models.CharField(max_length=255, blank=True)

memb_id = models.CharField(max_length=255, blank=True, null=True,unique=True)

objects = UserManager()

USERNAME_FIELD = 'memb_id'

Note: Hoe can it possible to login with mobile and memb_id

[Kasper Laudrup]

> Note: *Hoe can it possible to login with mobile and memb_id*
> *
> *
>

Hard to know what you're asking here.

Do you have a bug/security issue where it's possible for an attacker to
login by only knowing the mobile and member_id fields? Then just sharing
the model is definitely not enough to help you solve that.

Do you actually want it to be possible to login by only providing these
two field values? Should be very simple to do, but then you can hardly
consider the user to be authenticated in any way.

What exactly are you trying to solve/achieve?

Kind regards,

Kasper Laudrup