Ticket #18170: confirm_password_reset-1.4.diff

File confirm_password_reset-1.4.diff, 2.8 KB (added by thomas.david.vaughan@…, 3 years ago)

Patch against Django 1.4.

  • new file django/contrib/auth/utils.py

    diff --git a/django/contrib/auth/utils.py b/django/contrib/auth/utils.py
    new file mode 100644
    index 0000000..93e044a
    - +  
     1from django.contrib.auth.models import User
     2from django.contrib.auth.tokens import default_token_generator
     3from django.utils.http import base36_to_int
     4
     5def confirm_password_reset(uidb36, token, token_generator=default_token_generator):
     6    try:
     7        uid_int = base36_to_int(uidb36)
     8        user = User.objects.get(id=uid_int)
     9    except (ValueError, User.DoesNotExist):
     10        user = None
     11
     12    return user, token_generator.check_token(user, token) if user else False
     13
  • django/contrib/auth/views.py

    diff --git a/django/contrib/auth/views.py b/django/contrib/auth/views.py
    index c86ef53..e990abc 100644
    a b from django.conf import settings 
    44from django.core.urlresolvers import reverse
    55from django.http import HttpResponseRedirect, QueryDict
    66from django.template.response import TemplateResponse
    7 from django.utils.http import base36_to_int
    87from django.utils.translation import ugettext as _
    98from django.views.decorators.debug import sensitive_post_parameters
    109from django.views.decorators.cache import never_cache
    from django.views.decorators.csrf import csrf_protect 
    1413from django.contrib.auth import REDIRECT_FIELD_NAME, login as auth_login, logout as auth_logout
    1514from django.contrib.auth.decorators import login_required
    1615from django.contrib.auth.forms import AuthenticationForm, PasswordResetForm, SetPasswordForm, PasswordChangeForm
    17 from django.contrib.auth.models import User
    1816from django.contrib.auth.tokens import default_token_generator
     17from django.contrib.auth.utils import confirm_password_reset
    1918from django.contrib.sites.models import get_current_site
    2019
    2120
    def password_reset_confirm(request, uidb36=None, token=None, 
    194193    assert uidb36 is not None and token is not None # checked by URLconf
    195194    if post_reset_redirect is None:
    196195        post_reset_redirect = reverse('django.contrib.auth.views.password_reset_complete')
    197     try:
    198         uid_int = base36_to_int(uidb36)
    199         user = User.objects.get(id=uid_int)
    200     except (ValueError, User.DoesNotExist):
    201         user = None
     196    user, validlink = confirm_password_reset(uidb36, token, token_generator=token_generator)
    202197
    203     if user is not None and token_generator.check_token(user, token):
    204         validlink = True
     198    if user is not None and validlink:
    205199        if request.method == 'POST':
    206200            form = set_password_form(user, request.POST)
    207201            if form.is_valid():
    def password_reset_confirm(request, uidb36=None, token=None, 
    210204        else:
    211205            form = set_password_form(None)
    212206    else:
    213         validlink = False
    214207        form = None
    215208    context = {
    216209        'form': form,
Back to Top