mirror of
https://github.com/django/django.git
synced 2024-12-22 17:16:24 +00:00
Fixed #26960 -- Added PasswordResetConfirmView option to automatically log in after a reset.
This commit is contained in:
parent
975a76a964
commit
0814566bf1
1
AUTHORS
1
AUTHORS
@ -381,6 +381,7 @@ answer newbie questions, and generally made Django that much better:
|
||||
Jonathan Feignberg <jdf@pobox.com>
|
||||
Jonathan Slenders
|
||||
Jordan Dimov <s3x3y1@gmail.com>
|
||||
Jordi J. Tablada <jordi.joan@gmail.com>
|
||||
Jorge Bastida <me@jorgebastida.com>
|
||||
Jorge Gajon <gajon@gajon.org>
|
||||
José Tomás Tocino García <josetomas.tocino@gmail.com>
|
||||
|
@ -411,6 +411,7 @@ class PasswordResetDoneView(PasswordContextMixin, TemplateView):
|
||||
|
||||
class PasswordResetConfirmView(PasswordContextMixin, FormView):
|
||||
form_class = SetPasswordForm
|
||||
post_reset_login = False
|
||||
success_url = reverse_lazy('password_reset_complete')
|
||||
template_name = 'registration/password_reset_confirm.html'
|
||||
title = _('Enter new password')
|
||||
@ -438,7 +439,9 @@ class PasswordResetConfirmView(PasswordContextMixin, FormView):
|
||||
return kwargs
|
||||
|
||||
def form_valid(self, form):
|
||||
form.save()
|
||||
user = form.save()
|
||||
if self.post_reset_login:
|
||||
auth_login(self.request, user)
|
||||
return super(PasswordResetConfirmView, self).form_valid(form)
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
|
@ -80,6 +80,10 @@ Minor features
|
||||
``password_reset_confirm()``, and ``password_reset_complete()`` function-based
|
||||
views.
|
||||
|
||||
* The new ``post_reset_login`` attribute for
|
||||
:class:`~django.contrib.auth.views.PasswordResetConfirmView` allows
|
||||
automatically logging in a user after a successful password reset.
|
||||
|
||||
:mod:`django.contrib.contenttypes`
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
|
@ -1480,6 +1480,10 @@ implementation details see :ref:`using-the-views`.
|
||||
will default to ``default_token_generator``, it's an instance of
|
||||
``django.contrib.auth.tokens.PasswordResetTokenGenerator``.
|
||||
|
||||
* ``post_reset_login``: A boolean indicating if the user should be
|
||||
automatically authenticated after a successful password reset. Defaults
|
||||
to ``False``.
|
||||
|
||||
* ``form_class``: Form that will be used to set the password. Defaults to
|
||||
:class:`~django.contrib.auth.forms.SetPasswordForm`.
|
||||
|
||||
|
@ -307,6 +307,14 @@ class PasswordResetTest(AuthViewsTestCase):
|
||||
self.assertEqual(response.status_code, 302)
|
||||
self.assertURLEqual(response.url, '/password_reset/')
|
||||
|
||||
def test_confirm_login_post_reset(self):
|
||||
url, path = self._test_confirm_start()
|
||||
path = path.replace('/reset/', '/reset/post_reset_login/')
|
||||
response = self.client.post(path, {'new_password1': 'anewpassword', 'new_password2': 'anewpassword'})
|
||||
self.assertEqual(response.status_code, 302)
|
||||
self.assertURLEqual(response.url, '/reset/done/')
|
||||
self.assertIn(SESSION_KEY, self.client.session)
|
||||
|
||||
def test_confirm_display_user_from_form(self):
|
||||
url, path = self._test_confirm_start()
|
||||
response = self.client.get(path)
|
||||
|
@ -85,6 +85,8 @@ urlpatterns = auth_urlpatterns + [
|
||||
views.PasswordResetConfirmView.as_view(success_url='/custom/')),
|
||||
url(r'^reset/custom/named/(?P<uidb64>[0-9A-Za-z_\-]+)/(?P<token>[0-9A-Za-z]{1,13}-[0-9A-Za-z]{1,20})/$',
|
||||
views.PasswordResetConfirmView.as_view(success_url=reverse_lazy('password_reset'))),
|
||||
url(r'^reset/post_reset_login/(?P<uidb64>[0-9A-Za-z_\-]+)/(?P<token>[0-9A-Za-z]{1,13}-[0-9A-Za-z]{1,20})/$',
|
||||
views.PasswordResetConfirmView.as_view(post_reset_login=True)),
|
||||
url(r'^password_change/custom/$',
|
||||
views.PasswordChangeView.as_view(success_url='/custom/')),
|
||||
url(r'^password_change/custom/named/$',
|
||||
|
Loading…
Reference in New Issue
Block a user