Opened 7 years ago
Closed 6 years ago
#28780 closed New feature (fixed)
Allow customizing PasswordResetConfirmView's INTERNAL_RESET_URL_TOKEN
Reported by: | Meiyer | Owned by: | robinh00d |
---|---|---|---|
Component: | contrib.auth | Version: | dev |
Severity: | Normal | Keywords: | |
Cc: | Triage Stage: | Accepted | |
Has patch: | yes | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | yes | UI/UX: | no |
Description
Since this parameter appears in the URL of the forgotten password reset request (= part of the public interface of the website), it would be nice if websites could customize the value.
Change History (17)
comment:1 by , 7 years ago
Component: | Uncategorized → contrib.auth |
---|---|
Summary: | Ability to customize INTERNAL_RESET_URL_TOKEN → Allow customizing PasswordResetConfirmView's INTERNAL_RESET_URL_TOKEN |
Triage Stage: | Unreviewed → Accepted |
comment:2 by , 7 years ago
Owner: | changed from | to
---|---|
Status: | new → assigned |
comment:3 by , 7 years ago
comment:5 by , 7 years ago
I think the configuration that will allow the easiest customization is a class attribute such as:
class PasswordResetConfirmView(PasswordContextMixin, FormView): reset_token_placeholder = INTERNAL_RESET_URL_TOKEN
Then it can be used in urls.py with
url('<pattern>', PasswordResetConfirmView.as_view(reset_token_placeholder='wachtwoord-aanduiding'), name='password_reset_confirm')
Because of the format limitations on the <token> parameter (two alphanumeric strings separated by a hyphen), it will be useful to add instructions to the documentation so that developers do not accidentally break their password reset functionality.
comment:7 by , 7 years ago
Has patch: | set |
---|---|
Version: | 1.11 → master |
comment:8 by , 7 years ago
Needs documentation: | set |
---|---|
Needs tests: | set |
comment:9 by , 6 years ago
Owner: | removed |
---|---|
Status: | assigned → new |
comment:10 by , 6 years ago
Owner: | set to |
---|---|
Status: | new → assigned |
comment:11 by , 6 years ago
PR for this ticket has been submitted:
https://github.com/django/django/pull/11189
comment:12 by , 6 years ago
Needs documentation: | unset |
---|---|
Needs tests: | unset |
Triage Stage: | Accepted → Ready for checkin |
follow-up: 14 comment:13 by , 6 years ago
Triage Stage: | Ready for checkin → Accepted |
---|---|
UI/UX: | unset |
Please do not mark your own PRs as "Ready for checkin" (see triage-workflow).
comment:14 by , 6 years ago
Replying to felixxm:
Please do not mark your own PRs as "Ready for checkin" (see triage-workflow).
My apologies.
comment:15 by , 6 years ago
Needs tests: | set |
---|
comment:16 by , 6 years ago
Needs tests: | unset |
---|
How this parameter should be customizable? Settings?