Ticket #18170: confirm_password_reset-1.3.1.diff

File confirm_password_reset-1.3.1.diff, 2.8 KB (added by thomas.david.vaughan@…, 3 years ago)

Patch against Django 1.3.1.

  • new file django/contrib/auth/utils.py

    diff --git a/django/contrib/auth/utils.py b/django/contrib/auth/utils.py
    new file mode 100644
    index 0000000..93e044a
    - +  
     1from django.contrib.auth.models import User
     2from django.contrib.auth.tokens import default_token_generator
     3from django.utils.http import base36_to_int
     4
     5def confirm_password_reset(uidb36, token, token_generator=default_token_generator):
     6    try:
     7        uid_int = base36_to_int(uidb36)
     8        user = User.objects.get(id=uid_int)
     9    except (ValueError, User.DoesNotExist):
     10        user = None
     11
     12    return user, token_generator.check_token(user, token) if user else False
     13
  • django/contrib/auth/views.py

    diff --git a/django/contrib/auth/views.py b/django/contrib/auth/views.py
    index eba83a2..00a176b 100644
    a b from django.core.urlresolvers import reverse 
    55from django.http import HttpResponseRedirect, QueryDict
    66from django.shortcuts import render_to_response
    77from django.template import RequestContext
    8 from django.utils.http import base36_to_int
    98from django.utils.translation import ugettext as _
    109from django.views.decorators.cache import never_cache
    1110from django.views.decorators.csrf import csrf_protect
    from django.views.decorators.csrf import csrf_protect 
    1413from django.contrib.auth import REDIRECT_FIELD_NAME, login as auth_login, logout as auth_logout
    1514from django.contrib.auth.decorators import login_required
    1615from django.contrib.auth.forms import AuthenticationForm, PasswordResetForm, SetPasswordForm, PasswordChangeForm
    17 from django.contrib.auth.models import User
    1816from django.contrib.auth.tokens import default_token_generator
     17from django.contrib.auth.utils import confirm_password_reset
    1918from django.contrib.sites.models import get_current_site
    2019
    2120
    def password_reset_confirm(request, uidb36=None, token=None, 
    186185    assert uidb36 is not None and token is not None # checked by URLconf
    187186    if post_reset_redirect is None:
    188187        post_reset_redirect = reverse('django.contrib.auth.views.password_reset_complete')
    189     try:
    190         uid_int = base36_to_int(uidb36)
    191         user = User.objects.get(id=uid_int)
    192     except (ValueError, User.DoesNotExist):
    193         user = None
    194 
    195     if user is not None and token_generator.check_token(user, token):
    196         validlink = True
     188    user, validlink = confirm_password_reset(uidb36, token, token_generator=token_generator)
     189
     190    if user is not None and validlink:
    197191        if request.method == 'POST':
    198192            form = set_password_form(user, request.POST)
    199193            if form.is_valid():
    def password_reset_confirm(request, uidb36=None, token=None, 
    202196        else:
    203197            form = set_password_form(None)
    204198    else:
    205         validlink = False
    206199        form = None
    207200    context = {
    208201        'form': form,
Back to Top