Fixed #7723 - implemented a secure password reset form that uses a token and... (fcd837cd) · Commits · Dom Sekotill / django

django/conf/global_settings.py

+3 −0

Original line number	Diff line number	Diff line
		@@ -366,6 +366,9 @@ LOGOUT_URL = '/accounts/logout/'

		LOGIN_REDIRECT_URL = '/accounts/profile/'

		# The number of days a password reset link is valid for
		PASSWORD_RESET_TIMEOUT_DAYS = 3

		###########
		# TESTING #
		###########

0 → 100644

+14 −0

Original line number	Diff line number	Diff line
		{% extends "admin/base_site.html" %}
		{% load i18n %}

		{% block breadcrumbs %}<div class="breadcrumbs"><a href="../../">{% trans 'Home' %}</a> &rsaquo; {% trans 'Password reset' %}</div>{% endblock %}

		{% block title %}{% trans 'Password reset complete' %}{% endblock %}

		{% block content %}

		<h1>{% trans 'Password reset complete' %}</h1>

		<p>{% trans "Your password has been set. You may go ahead and log in now." %}</p>

		{% endblock %}

0 → 100644

+32 −0

Original line number	Diff line number	Diff line
		{% extends "admin/base_site.html" %}
		{% load i18n %}

		{% block breadcrumbs %}<div class="breadcrumbs"><a href="../">{% trans 'Home' %}</a> &rsaquo; {% trans 'Password reset confirmation' %}</div>{% endblock %}

		{% block title %}{% trans 'Password reset' %}{% endblock %}

		{% block content %}

		{% if validlink %}

		<h1>{% trans 'Enter new password' %}</h1>

		<p>{% trans "Please enter your new password twice so we can verify you typed it in correctly." %}</p>

		<form action="" method="post">
		{% if form.new_password1.errors %}{{ form.new_password1.errors }}{% endif %}
		<p class="aligned wide"><label for="id_new_password1">{% trans 'New password:' %}</label>{{ form.new_password1 }}</p>
		{% if form.new_password2.errors %}{{ form.new_password2.errors }}{% endif %}
		<p class="aligned wide"><label for="id_new_password2">{% trans 'Confirm password:' %}</label>{{ form.new_password2 }}</p>
		<p><input type="submit" value="{% trans 'Change my password' %}" /></p>
		</form>

		{% else %}

		<h1>{% trans 'Password reset unsuccessful' %}</h1>

		<p>{% trans "The password reset link was invalid, possibly because it has already been used. Please request a new password reset." %}

		{% endif %}

		{% endblock %}

+1 −1

Original line number	Diff line number	Diff line
		@@ -9,6 +9,6 @@

		<h1>{% trans 'Password reset successful' %}</h1>

		<p>{% trans "We've e-mailed a new password to the e-mail address you submitted. You should be receiving it shortly." %}</p>
		<p>{% trans "We've e-mailed you instructions for setting your password to the e-mail address you submitted. You should be receiving it shortly." %}</p>

		{% endblock %}

+7 −7

Original line number	Diff line number	Diff line
		{% load i18n %}
		{% load i18n %}{% autoescape off %}
		{% trans "You're receiving this e-mail because you requested a password reset" %}
		{% blocktrans %}for your user account at {{ site_name }}{% endblocktrans %}.

		{% blocktrans %}Your new password is: {{ new_password }}{% endblocktrans %}

		{% trans "Feel free to change this password by going to this page:" %}

		http://{{ domain }}/password_change/

		{% trans "Please go to the following page and choose a new password:" %}
		{% block reset_link %}
		{{ protocol }}://{{ domain }}/reset/{{ uid }}-{{ token }}/
		{% endblock %}
		{% trans "Your username, in case you've forgotten:" %} {{ user.username }}

		{% trans "Thanks for using our site!" %}

		{% blocktrans %}The {{ site_name }} team{% endblocktrans %}

		{% endautoescape %}