diff --git a/django/contrib/admin/static/admin/css/login.css b/django/contrib/admin/static/admin/css/login.css index 8d90d12901..8872ade70b 100644 --- a/django/contrib/admin/static/admin/css/login.css +++ b/django/contrib/admin/static/admin/css/login.css @@ -52,3 +52,6 @@ body.login { padding: 1em 0 0 9.4em; } +.login .password-reset-link { + text-align: center; +} diff --git a/django/contrib/admin/templates/admin/login.html b/django/contrib/admin/templates/admin/login.html index a6cd6a7d6c..c008957d1b 100644 --- a/django/contrib/admin/templates/admin/login.html +++ b/django/contrib/admin/templates/admin/login.html @@ -1,5 +1,6 @@ {% extends "admin/base_site.html" %} {% load i18n admin_static %} +{% load url from future %} {% block extrastyle %}{{ block.super }}{% endblock %} @@ -38,6 +39,12 @@ + {% url 'admin_password_reset' as password_reset_url %} + {% if password_reset_url %} + + {% endif %}
diff --git a/docs/releases/1.4.txt b/docs/releases/1.4.txt index b067e2c413..1ab34d80bc 100644 --- a/docs/releases/1.4.txt +++ b/docs/releases/1.4.txt @@ -546,6 +546,11 @@ Django 1.4 also includes several smaller improvements worth noting: For more details, see the documentation for :meth:`~django.db.models.query.QuerySet.distinct`. +* The admin login page will add a password reset link if you include a URL with + the name `'admin_password_reset'` in your urls.py, so plugging in the builtin + password reset mechanism and making it available is now much easier. For + details, see :ref:`auth_password_reset`. + Backwards incompatible changes in 1.4 ===================================== diff --git a/docs/topics/auth.txt b/docs/topics/auth.txt index 1cfccfc5e0..626e7c4b89 100644 --- a/docs/topics/auth.txt +++ b/docs/topics/auth.txt @@ -371,6 +371,34 @@ Don't set the :attr:`~django.contrib.auth.models.User.password` attribute directly unless you know what you're doing. This is explained in the next section. +.. _auth_password_reset: + +User-requested password resets +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +There is a bundled reset mechanism that integrates into the admin, allowing +users to reset their passwords by email. It can be customized and is described +in detail below under :func:`~django.contrib.auth.views.password_reset`. To +enable it without customization, add lines something like the following to your +urls.py: + +.. code-block:: python + + url(r'^admin/password_reset/$', 'django.contrib.auth.views.password_reset', name='admin_password_reset'), + (r'^admin/password_reset/done/$', 'django.contrib.auth.views.password_reset_done'), + (r'^reset/(?P[0-9A-Za-z]+)-(?P.+)/$', 'django.contrib.auth.views.password_reset_confirm'), + (r'^reset/done/$', 'django.contrib.auth.views.password_reset_complete'), + +(This assumes you've added the admin at ``admin/``, and requires that you put +the URLs starting with ``^admin/`` before the line that includes the admin app +itself). + +.. versionchanged:: 1.4 + +The presence of the 'admin_password_reset' named URL will cause a "forgotten +your password?" link to appear on the default admin login page under the +password box. + .. _auth_password_storage: How Django stores passwords