我有下面的视图,它利用了来自Django的内置SetPasswordForm。表单本身要求您使用用户对其进行初始化(settings.AUTH\用户\模型)创建时。你知道吗
该视图验证uid/token get参数(或允许经过身份验证的用户),然后向用户显示表单。我有正确创建表单的GET请求,但是有更好的方法吗?你知道吗
设置当前的最佳方法是什么self.init\u用户在POST请求中:添加用户.pk作为SetPasswordForm的隐藏字段还是设置会话对象?你知道吗
from django.views.generic.edit import FormView
from django.contrib.auth.forms import SetPasswordForm
class PasswordResetView(FormView):
"""
Reset user password. Either with provided uid/token get parameters
or if the user is logged in.
"""
template_name = 'users/password_reset.html'
form_class = SetPasswordForm
success_url = 'home'
init_user = None
def corrupt_link_redirect(self, request):
messages.error(
self.request,
user_strings.PASSWORD_RESET_INVALID_LINK
)
return redirect('forgot_password')
def get_form(self):
form_class = self.get_form_class()
if not self.init_user:
return Http404() ## Refine this
return form_class(self.init_user, **self.get_form_kwargs())
def post(self, request, *args, **kwargs):
## *****************************
## EITHER NEED TO INCLUDE THE USER.PK IN THE SetPasswordForm OR
## PUT IT IN A SESSION SO WE CAN SET self.init_user TO PREVENT
## THE get_form() METHOD FROM 404'ING
## *****************************
return super(PasswordResetView, self).post(request, *args, **kwargs)
def get(self, request, *args, **kwargs):
if request.user.is_authenticated:
## User is logged in so present them with the password reset form
self.init_user = request.user
return super(PasswordResetView, self).get(request, *args, **kwargs)
try:
uidb64 = request.GET.get('uid')
token = request.GET.get('token')
if uidb64 is None or token is None:
return self.corrupt_link_redirect(request) ## Failure redirect
uid = force_text(urlsafe_base64_decode(uidb64))
user = User.objects.get(pk=uid)
except (TypeError, ValueError, OverflowError, User.DoesNotExist):
return self.corrupt_link_redirect(request) ## Failure redirect
if user is not None and PasswordResetTokenGenerator().check_token(user, token):
self.init_user = user
return super(PasswordResetView, self).get(request, *args, **kwargs)
return self.corrupt_link_redirect(request) ## Failure redirect
def form_valid(self, form):
try:
form.save(self.request)
except User.DoesNotExist:
pass
messages.success(
self.request,
user_strings.PASSWORD_RESET_SUCCESS + \
user_strings.PASSWORD_RESET_SUCCESS_LOGIN_REMINDER if not self.request.user.is_authenticated else ''
)
return super(PasswordResetView, self).is_valid(form)
目前没有回答
相关问题 更多 >
编程相关推荐