Opened 15 months ago

Last modified 13 months ago

#28780 assigned New feature

Allow customizing PasswordResetConfirmView's INTERNAL_RESET_URL_TOKEN

Reported by: Meiyer Owned by: Tim G.
Component: contrib.auth Version: master
Severity: Normal Keywords:
Cc: Triage Stage: Accepted
Has patch: yes Needs documentation: yes
Needs tests: yes Patch needs improvement: no
Easy pickings: yes UI/UX: yes


Since this parameter appears in the URL of the forgotten password reset request (= part of the public interface of the website), it would be nice if websites could customize the value.

Change History (8)

comment:1 Changed 15 months ago by Tim Graham

Component: Uncategorizedcontrib.auth
Summary: Ability to customize INTERNAL_RESET_URL_TOKENAllow customizing PasswordResetConfirmView's INTERNAL_RESET_URL_TOKEN
Triage Stage: UnreviewedAccepted

comment:2 Changed 15 months ago by Tim G.

Owner: changed from nobody to Tim G.
Status: newassigned

comment:3 Changed 15 months ago by Tim G.

How this parameter should be customizable? Settings?

comment:4 Changed 15 months ago by Tim Graham

It could be a class attribute on the view.

comment:5 Changed 15 months ago by Meiyer

I think the configuration that will allow the easiest customization is a class attribute such as:

class PasswordResetConfirmView(PasswordContextMixin, FormView):
    reset_token_placeholder = INTERNAL_RESET_URL_TOKEN

Then it can be used in with


Because of the format limitations on the <token> parameter (two alphanumeric strings separated by a hyphen), it will be useful to add instructions to the documentation so that developers do not accidentally break their password reset functionality.

comment:7 Changed 14 months ago by Claude Paroz

Has patch: set
Version: 1.11master

comment:8 Changed 13 months ago by Tim Graham

Needs documentation: set
Needs tests: set
Note: See TracTickets for help on using tickets.
Back to Top