Code

Ticket #18170: confirm_password_reset-1.3.1.diff

File confirm_password_reset-1.3.1.diff, 2.8 KB (added by thomas.david.vaughan@…, 2 years ago)

Patch against Django 1.3.1.

Line 
1diff --git a/django/contrib/auth/utils.py b/django/contrib/auth/utils.py
2new file mode 100644
3index 0000000..93e044a
4--- /dev/null
5+++ b/django/contrib/auth/utils.py
6@@ -0,0 +1,13 @@
7+from django.contrib.auth.models import User
8+from django.contrib.auth.tokens import default_token_generator
9+from django.utils.http import base36_to_int
10+
11+def confirm_password_reset(uidb36, token, token_generator=default_token_generator):
12+    try:
13+        uid_int = base36_to_int(uidb36)
14+        user = User.objects.get(id=uid_int)
15+    except (ValueError, User.DoesNotExist):
16+        user = None
17+
18+    return user, token_generator.check_token(user, token) if user else False
19+
20diff --git a/django/contrib/auth/views.py b/django/contrib/auth/views.py
21index eba83a2..00a176b 100644
22--- a/django/contrib/auth/views.py
23+++ b/django/contrib/auth/views.py
24@@ -5,7 +5,6 @@ from django.core.urlresolvers import reverse
25 from django.http import HttpResponseRedirect, QueryDict
26 from django.shortcuts import render_to_response
27 from django.template import RequestContext
28-from django.utils.http import base36_to_int
29 from django.utils.translation import ugettext as _
30 from django.views.decorators.cache import never_cache
31 from django.views.decorators.csrf import csrf_protect
32@@ -14,8 +13,8 @@ from django.views.decorators.csrf import csrf_protect
33 from django.contrib.auth import REDIRECT_FIELD_NAME, login as auth_login, logout as auth_logout
34 from django.contrib.auth.decorators import login_required
35 from django.contrib.auth.forms import AuthenticationForm, PasswordResetForm, SetPasswordForm, PasswordChangeForm
36-from django.contrib.auth.models import User
37 from django.contrib.auth.tokens import default_token_generator
38+from django.contrib.auth.utils import confirm_password_reset
39 from django.contrib.sites.models import get_current_site
40 
41 
42@@ -186,14 +185,9 @@ def password_reset_confirm(request, uidb36=None, token=None,
43     assert uidb36 is not None and token is not None # checked by URLconf
44     if post_reset_redirect is None:
45         post_reset_redirect = reverse('django.contrib.auth.views.password_reset_complete')
46-    try:
47-        uid_int = base36_to_int(uidb36)
48-        user = User.objects.get(id=uid_int)
49-    except (ValueError, User.DoesNotExist):
50-        user = None
51-
52-    if user is not None and token_generator.check_token(user, token):
53-        validlink = True
54+    user, validlink = confirm_password_reset(uidb36, token, token_generator=token_generator)
55+
56+    if user is not None and validlink:
57         if request.method == 'POST':
58             form = set_password_form(user, request.POST)
59             if form.is_valid():
60@@ -202,7 +196,6 @@ def password_reset_confirm(request, uidb36=None, token=None,
61         else:
62             form = set_password_form(None)
63     else:
64-        validlink = False
65         form = None
66     context = {
67         'form': form,