使用 Django 身份验证视图自定义PasswordResetView

问题描述 投票:0回答:1

嗯,我需要创建一个基于 Django 的 PasswordReset 视图的自定义视图,但是当用户已经登录时。我最初使用 PasswordChangeView 来实现此目的,但它会自动将用户重定向到 PasswordChangeForm,用户在其中输入旧密码并新密码,然后保存。但是,出于安全考虑,我被要求,当用户单击链接更改密码时,它会自动向他们发送密码重置电子邮件,显示“password_reset_done.html”并发送密码重置密码。 (不知道我是否清楚地表明我目前正在学习,这是我第一次使用堆栈溢出。

我已经有一个使用PasswordResetView的custom_password_change视图。

`def custom_password_change(request):
    if request.method == "POST":
        user = request.user

        if user.is_authenticated:
            # Call the Django built-in view for password reset
            return PasswordResetView.as_view(
                template_name='registration/password_change_form.html',
                email_template_name='registration/password_change_email.html',
                success_url='/password_change/done/'
            )(request)

    return render(request, "registration/password_change_form.html")`

但它仍然要求用户在PasswordResetForm上输入电子邮件,然后发送电子邮件。当用户单击“更改密码”并返回“password_reset_done.html”模板时,我需要它来发送电子邮件。

django django-views django-forms
1个回答
0
投票

您需要实现两个视图。 第一个视图请求电子邮件并实施发布请求以发送重置密码电子邮件。即

class PasswordRequestView(View):
    template_name = "request_password_change.html"
    email_sent_template = 'email_sent_template.html'

    def get(self, request, *args, **kwargs):
        # rendering the request password form
        return render(request, self.template_name)

    def post(self, request,  *args, **kwargs):
        data = request.POST.dict()
        email = data.get('email', None)
        print('email => ', email)
        # send the generated url to this email
        # i.e http://localhost:6065/password-change/<access_key>/
        generated_url = "http://0.0.0.0:6005/password-change/wJalrXUtnFEMIK7MDENGbPxRfiCYEXAMPLEKEY/"
        # you can send this url via email. the user will click on this url to reset pass.
        return render(request, self.email_sent_template, {"access_url": generated_url})

第二个视图捕获共享 URL(通过电子邮件)并发布重置密码的请求。即

class PasswordChangeView(View):
    template_name = "password_change_form.html"
    password_reset_success = 'password_reset_template.html'

    def get(self, request, *args, **kwargs):
        access_key = kwargs.get('access_key', '')
        print('access key => ', access_key)
        # do more validations here and return reset password form
        return render(request, self.template_name)

    def post(self, request,  *args, **kwargs):
        data = request.POST.dict()
        print(data)
        # reset password here

        return render(request, self.password_reset_success)

注意:这种情况下的网址将是这样的。

urlpatterns = [
    path('request-password-change/', views.PasswordRequestView.as_view(),
         name='request-pass-change'),
    path('password-change/<str:access_key>/',
         views.PasswordChangeView.as_view(), name='pass-change'),
]
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.