Back to Top
Auth password reset URLs
- django.contrib.auth's password reset URLs contain a base36-encoded user ID (/reset/<user-id>/<token>/). The password reset feature breaks if the user ID is not an integer (because base36 can only express integers).
- Encode the user ID in a URL-safe variant of base64. This is a backwards-incompatible change that breaks "old-style" password reset URLs, but backwards compatibility should be very easy to implement if required.
- Alternative proposals
Download in other formats: