Version 1 (modified by 14 years ago) ( diff ) | ,
---|
Auth password reset URLs
- Problem
django.contrib.auth
's password reset URLs contain a base36-encoded user ID (/reset/<user-id>/<token>/
). The password reset feature breaks if the user ID is not an integer (because base36 can only express integers).- Solution
- Encode the user ID in a URL-safe variant of base64. This is a backwards-incompatible change that breaks "old-style" password reset URLs, but backwards compatibility should be very easy to implement if required.
- Alternative proposals
- None
Note:
See TracWiki
for help on using the wiki.