正如标题所述。
Django 1.5中是否有内置方法来处理用户密码重置? 例如:通过电子邮件重置链接?
需要为我的用户提供“忘记密码”链接。
2个回答
24
是的,有。
你可以在你的forms.py中使用这个表单。
class PassworResetForm(forms.Form):
error_messages = {
'unknown': ("That email address doesn't have an associated "
"user account. Are you sure you've registered?"),
'unusable': ("The user account associated with this email "
"address cannot reset the password."),
}
def clean_email(self):
"""
Validates that an active user exists with the given email address.
"""
UserModel = get_user_model()
email = self.cleaned_data["email"]
self.users_cache = UserModel._default_manager.filter(email__iexact=email)
if not len(self.users_cache):
raise forms.ValidationError(self.error_messages['unknown'])
if not any(user.is_active for user in self.users_cache):
# none of the filtered users are active
raise forms.ValidationError(self.error_messages['unknown'])
if any((user.password == UNUSABLE_PASSWORD)
for user in self.users_cache):
raise forms.ValidationError(self.error_messages['unusable'])
return email
def save(self, domain_override=None,
subject_template_name='registration/password_reset_subject.txt',
email_template_name='registration/password_reset_email.html',
use_https=False, token_generator=default_token_generator,
from_email=None, request=None):
"""
Generates a one-use only link for resetting password and sends to the
user.
"""
from django.core.mail import send_mail
for user in self.users_cache:
if not domain_override:
current_site = get_current_site(request)
site_name = current_site.name
domain = current_site.domain
else:
site_name = domain = domain_override
c = {
'email': user.email,
'domain': domain,
'site_name': site_name,
'uid': int_to_base36(user.pk),
'user': user,
'token': token_generator.make_token(user),
'protocol': use_https and 'https' or 'http',
}
subject = loader.render_to_string(subject_template_name, c)
# Email subject *must not* contain newlines
subject = ''.join(subject.splitlines())
email = loader.render_to_string(email_template_name, c)
send_mail(subject, email, from_email, [user.email])
你必须生成HTML模板以发送给用户:
{% autoescape off %}
You're receiving this e-mail because you requested a password reset for your user account at {{ site_name }}.
Please go to the following page and choose a new password:
{% block reset_link %}
{{ domain }}{% url 'django.contrib.auth.views.password_reset_confirm' uidb36=uid token=token %}
{% endblock %}
Your username, in case you've forgotten: {{ user.username }}
Thanks for using our site!
The {{ site_name }} team.
{% endautoescape %}
将此url添加到 urls.py 中
(r'^accounts/password/reset/$', 'django.contrib.auth.views.password_reset',
{'post_reset_redirect' : '/accounts/password/reset/done/'}),
(r'^accounts/password/reset/done/$', 'django.contrib.auth.views.password_reset_done'),
(r'^accounts/password/reset/(?P<uidb36>[0-9A-Za-z]+)-(?P<token>.+)/$', 'django.contrib.auth.views.password_reset_confirm',
{'post_reset_redirect' : '/accounts/password/done/'}),
(r'^accounts/password/done/$', 'django.contrib.auth.views.password_reset_complete'),
为每个URL创建一个模板。
- Gidrek
1
3建议:移除错误信息可能是个好主意。如果只提示“邮件已发送”,就不会泄露任何有关系统注册用户身份的信息。 - Wisco crew
1
你可以使用默认的django-admin urls
在你的urls.py中添加
在你的urls.py中添加
url('^', include('django.contrib.auth.urls')),
在settings.py中添加电子邮件凭据# using gmail as my smtp server
EMAIL_USE_TLS = True
EMAIL_HOST = 'smtp.gmail.com'
EMAIL_HOST_USER = 'example@gmail.com'
EMAIL_HOST_PASSWORD = 'password'
EMAIL_PORT = 587
- Phillip Kigenyi
网页内容由stack overflow 提供, 点击上面的可以查看英文原文,
原文链接
原文链接