Opened 17 months ago

Last modified 6 hours ago

#28780 new New feature

Allow customizing PasswordResetConfirmView's INTERNAL_RESET_URL_TOKEN

Reported by: Meiyer Owned by:
Component: contrib.auth Version: master
Severity: Normal Keywords:
Cc: Triage Stage: Accepted
Has patch: yes Needs documentation: yes
Needs tests: yes Patch needs improvement: no
Easy pickings: yes UI/UX: yes


Since this parameter appears in the URL of the forgotten password reset request (= part of the public interface of the website), it would be nice if websites could customize the value.

Change History (9)

comment:1 Changed 17 months ago by Tim Graham

Component: Uncategorizedcontrib.auth
Summary: Ability to customize INTERNAL_RESET_URL_TOKENAllow customizing PasswordResetConfirmView's INTERNAL_RESET_URL_TOKEN
Triage Stage: UnreviewedAccepted

comment:2 Changed 17 months ago by Tim G.

Owner: changed from nobody to Tim G.
Status: newassigned

comment:3 Changed 17 months ago by Tim G.

How this parameter should be customizable? Settings?

comment:4 Changed 17 months ago by Tim Graham

It could be a class attribute on the view.

comment:5 Changed 17 months ago by Meiyer

I think the configuration that will allow the easiest customization is a class attribute such as:

class PasswordResetConfirmView(PasswordContextMixin, FormView):
    reset_token_placeholder = INTERNAL_RESET_URL_TOKEN

Then it can be used in with


Because of the format limitations on the <token> parameter (two alphanumeric strings separated by a hyphen), it will be useful to add instructions to the documentation so that developers do not accidentally break their password reset functionality.

comment:7 Changed 16 months ago by Claude Paroz

Has patch: set
Version: 1.11master

comment:8 Changed 15 months ago by Tim Graham

Needs documentation: set
Needs tests: set

comment:9 Changed 6 hours ago by Tim Graham

Owner: Tim G. deleted
Status: assignednew
Note: See TracTickets for help on using tickets.
Back to Top