Django account management part - password modification and reset

Important: change password, reset password by email
Last article: User login and registration
Video: Just take a look at this

Change Password

In general, the password modification process is that the user clicks the password modification and jumps to the password modification page, where the old password and the new password are entered. If the old password of the user passes the verification, the old password is replaced with the new password and saved to the database.

Django has built-in password modification method. We can use its built-in method to complete the operation of password modification.

Django provides a method to modify the password based on the class view. We don't need to write the program in views.py anymore. Here are the specific steps.

  • Write urls.py under account:
urlpatterns = [
    ......
    path('password-change/',auth_views.PasswordChangeView.as_view(
    						template_name="account/password_change_form.html"
        					success_url="/account/password-change-done/"),
         					name='password_change')
    path('pasword-change-done/',auth_views.PasswordChangeDoneView.as_view(
    							template_name="account/password_change_done.html"),
        						name='password_change_done')
]

The auth_views. Password change view. As_view() method is used in the first path 'password change /', where the parameter

  • Template name is the page to jump to when the user submits the password modification request, that is, the page where the user needs to fill in the new and old passwords.

  • Success? URL is the link to jump when the user completes the password modification. When the user completes the password modification, it will jump to a page to remind the user that the password modification has been completed.

In the second path 'password change done /', when auth_views.PasswordChangeDoneView.as_view(), configure the page to jump after password modification.

  • Write template file

    According to the path writing rules, we need to write two template files.

    Create a new password? Change? Form.html file in the account file in the templates file:

    {% extends "base.html" %}
    {% load staticfiles %}
    {% block title %}Password modification{% endblock %}
    {% block content %}
    <div class="row text-center">
    <div>
    <h1>Password modification</h1>
        {% if form.new_password1.help_text %}
        <p class="text-center">{{ form.new_password1.help_text|safe }}</p>
        {% endif %}
    </div>
        {% if next %}
    <form action="{% url 'account:login' %}?next={{ next }}" method="post" class="form-horizontal">
        {% else %}
        <form action="{% url 'account:login' %}" method="post" class="form-horizontal">
            {% endif %}
        {% csrf_token %}
        <div class="form-group">
            <label for="old-password">Old password:</label>
            {{ form.old_password }}
        </div>
        <div class="form-group">
            <label for="new-password1">New password:</label>
            {{ form.new_password1 }}
        </div>
        <div class="form-group">
            <label for="new-password2">Confirm password:</label>
            {{ form.new_password2 }}
        </div>
        <input type="submit" value="Submission" class="btn btn-lg btn-primary "/>
    </form>
    </div>
    {% endblock %}
    

    Generally, the password can only be changed when the user is logged in, so it is necessary to determine whether the user has logged in before the user modifies the password.

    In password? Change? Form.html, modify the form submission address:

    {% if next %}
    <form action="{% url 'account:login' %}?next={{ next }}" method="post" class="form-horizontal">
    {% else %}
    <form action="{% url 'account:login' %}" method="post" class="form-horizontal">
    {% endif %}
    

    {% if next%}, {% else%}, {% endif%} and so on are the conditional judgment statements of template statements.

    The page after password modification is very simple. In the account file in the templates file, create a new password ﹣ change ﹣ done.html file:

    {% extends "base.html" %}
    {% load staticfiles %}
    {% block title%} password modification completed {% endblock%}
    {% block content %}
    <div class="text-center">
        After password modification, click to return to the login page</a>
    </div>
    {% endblock %}
    

Password Reset

When the user forgets the password, the password needs to be reset. Django also provides a class based view method to help users reset the password using the mailbox. The basic steps to reset the password are as follows:

  • User's email address when registering
  • A link will be sent to the mailbox in the background
  • The user clicks the link to jump to the page of filling in the new password.
  • After the user submits the new password, the original password will be modified.

Write urls.py as follows:

urlpatterns=[
    ......
    path('password-reset/', auth_views.PasswordResetView.as_view(
        template_name='account/password_reset_form.html',
        email_template_name='account/password_reset_email.html',
        success_url='/account/password-reset-done/'),
         name="password_reset"),
    path('password-reset-done/', auth_views.PasswordResetDoneView.as_view(
        template_name='account/password_reset_done.html'),
         name="password_reset_done"),
]
  • The first passowrd reset / path uses the PasswordResetView view view class, with three parameters:

Template  name ='account / password  reset  form. HTML 'defines the template page corresponding to this path, that is, the page where the user fills in the mailbox.

Email? Template? Name ='account / password? Reset? Email. HTML 'defines what is sent to the user's mailbox.

Success [url = '/ Account / password reset done /') defines the link to jump after sending the mailbox. Note the format of link writing.

  • Password reset done / path is the template page after defining the mailbox sending. It uses the PasswordResetDoneView view class,

    Template ﹣ name ='account / password ﹣ reset ﹣ done. HTML 'is the corresponding template page.

Here is how to write the template page according to the url.

Create a new password "reset" form.html in the account folder under the templates file

{% extends "base.html" %}
{% load staticfiles %}
{% block title %}Retrieve password{% endblock %}
{% block content %}
<div class="row text-center">
<h1>Retrieve password</h1>
<form action="." method="post" class="form-horizontal">
    {% csrf_token %}
    <div class="form-group">
        <label for="email">Mailbox:</label>
        {{ form.email }}
    </div>
    <input type="submit" value="Send mail" class="btn btn-primary btn-lg"/>
</form>
</div>
{% endblock %}

The file is simple. It's a form for users to fill in their mailbox.

Write password? Reset? Email.html:

<p>{{user. Username}} < / P >, Hello, you received this email because you are resetting your password,
Reset password click {protocol}}: / / {domain}} {% URL "account: password" reset "uidb64 = uid token = token%}

This is what we want to send like a user's mailbox.

When the user's email is completed, remind the user to write password "reset" done.html:

{% extends "base.html" %}
{% load staticfiles %}
{% block title%} email sent {% endblock%}
{% block content %}
< p class = "text center" > the email has been sent to your mailbox, and you will receive the password reset link later</p>
{% endblock %}

There is a link in the content we sent to the user's mailbox, which allows the user to fill in a new password. Configure the link below, and write urls.py:

urlptterns=[
    ......
     path('password-reset-confirm/<uidb64>/<token>/',    						        		auth_views.PasswordResetConfirmView.as_view(
        template_name="account/password_reset_confirm.html",
        success_url="/account/password-reset-complete/"),
         name='password_reset_confirm'),
    path('password-reset-complete/', auth_views.PasswordResetCompleteView.as_view(
        template_name="account/password_reset_complete.html"),
         name="password_reset_complete")
    
]
  • Password reset confirm / / / path uses the PasswordResetConfirmView view class, parameter

Template ﹣ name = "account / password ﹣ reset ﹣ confirm.html is the page where the user fills in the new password,

Success_url = "/ Account / password reset complete /") enables the user to reset the password and then jump to the page link.

Create a new account / password "reset" confirm.html:

{% extends "base.html" %}
{% load staticfiles %}
{% block title %}Password reset authentication{% endblock %}
{% block content %}
<div class="row" class="text-center">
<form action="." method="post" class="form-horizontal">
    {% csrf_token %}
    <div class="form-group">
    <label for="new_password1">New password:</label>
    {{ form.new_password1 }}
    </div>
    <div class="form-group">
        <label for="new_password2">Confirm password:</label>
        {{ form.new_password2 }}
    </div>
    <input type="submit" value="Submission" class="btn btn-lg btn-primary"/>
</form>
</div>
{% endblock %}
  • The path password reset complete uses the PasswordResetCompleteView class: parameters

    Template ﹣ name = "account / password ﹣ reset ﹣ complete. HTML" enables users to jump to the page after completing the operation.

    Create a new password? Reset? Complete.html:

    {% extends "base.html" %}
    {% load staticfiles %}
    {% block title%} password reset completed {% endblock%}
    {% block content %}
    The password has been reset. Click to return to the login page</a></p>
    {% endblock %}
    

At this point, the password reset is basically completed, but you need to set the mailbox, that is, which mailbox to send mail to the user, and write settings.py:

EMAIL_HOST = 'smtp.163.com'
EMAIL_HOST_USER = "username@163.com"
EMAIL_HOST_PASSWORD = "**********"
EMAIL_PORT = 25
EMAIL_USE_TLS = True
DEFAULT_FROM_EMAIL = "username@163.com"

Note that the above settings require your mailbox to open related services (smtp,imap,pop, etc.), and different mailboxes need different settings.

Published 3 original articles, won praise 0, visited 261
Private letter follow

Tags: Django Database

Posted on Tue, 11 Feb 2020 03:57:41 -0800 by tbone05420