#19130 closed Cleanup/optimization (fixed)
Auth forms contain hard-coded assumptions about field length
Reported by: | Russell Keith-Magee | Owned by: | nobody |
---|---|---|---|
Component: | contrib.auth | Version: | dev |
Severity: | Normal | Keywords: | |
Cc: | Triage Stage: | Accepted | |
Has patch: | no | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | no | UI/UX: | no |
Description
The auth forms contain some hardcoded assumptions about the length of the username field.
In some cases, these are reasonable -- the user creation form should reasonably check the expected length etc of the username field.
However, in other cases, it's just busy work:
- LoginForm sets max_length=30.
- PasswordResetFrom sets max_length=75 on the email field.
While it's possible for these forms to be customized by the end user, we can avoid the need for 90% of users to need to do this customization by making the defaults a little more accepting -- a length of 254 chars in both cases would allow email addresses as login, without affecting the data integrity of the actual user model.
In bfcda7781a886ab2b7b41937c0f49c088f58a3d7: