Check existing password and reset password

views.py to save the password:

elif 'reset_password' in request.POST:
    if request.POST['reset_password'].strip():
        # Saves the new password without checking the old one
        saveuser = User.objects.get(id=user.id)
        saveuser.set_password(request.POST['reset_password'])
        saveuser.save()
        userform = UserForm(instance=saveuser)
        return redirect('incident.views.about_me')

Popup box to get the old password and new password:

<div id="overlay_form" style="display:none">
    <form  method="post" action=".">
        {% csrf_token %}
        <h2>Reset Password</h2><br />
        <table>
      <tr><td>Enter your old password</td><td>
        <input type="text" name="old_password" id="old_password" maxlength="30" /></td></tr>
      <tr><td>Enter your new password</td><td><input type="text" name="new_password" id="new_password" maxlength="30" /></td></tr>
     <tr><td>Confirm your new password</td><td><input type="text" name="reset_password" id="reset_password" maxlength="30" /></td></tr>
      </table>
        <div style="width:180px;float:right;margin:20px 5px 0 10px">
            {% include "buttons/save.html" %}
            <button style="margin-right:10px;" type="button" id="close" name="cancel" class="forward backicon">
                <img src="{{ STATIC_URL }}images/button-icon-ir-back.png" width="12" height="17" alt="" />
            Cancel</button>
        </div>
    </form>
</div>

I am able to save the new password, but I want to know the following things:

  • How to check that the entered old password is correct against the existing password.

  • How to validate the new password field and the confirm password field. Which validation is better to perform?

Need some help.

This is how you would check for the old password, before the set_password:

user.check_password(request.POST['old_password'])

Also, check for password confirmation in the following way.

elif 'reset_password' in request.POST:
    old_password = request.POST['old_password'].strip()
    reset_password = request.POST['reset_password'].strip()
    new_password = request.POST['new_password'].strip()

    # Proceed only if the fields are filled in and the new password matches its confirmation
    if old_password and reset_password and reset_password == new_password:
        saveuser = User.objects.get(id=user.id)
        # Verify the old password against the stored hash before changing it
        if user.check_password(old_password):
            saveuser.set_password(request.POST['reset_password'])
            saveuser.save()

            userform = UserForm(instance=saveuser)

        return redirect('incident.views.about_me')

It is a much better approach to use a form.

Django code to check if the password entered by the user matches the actual old password; if it does not, raise a validation error in the Django form. Also, update the password if both of the passwords match.

Tested on Django 1.10, Python 3.4.

forms.py

from django import forms

class changePassForm(forms.Form):

    old_password_flag = True  # Used to raise the validation error when it is set to False

    old_password = forms.CharField(label="Old Password", min_length=6, widget=forms.PasswordInput())
    new_password = forms.CharField(label="New Password", min_length=6, widget=forms.PasswordInput())
    re_new_password = forms.CharField(label="Re-type New Password", min_length=6, widget=forms.PasswordInput())

    def set_old_password_flag(self):
        # This method is called if the old password entered by the user does not match
        # the password in the database; it sets the flag to False.
        self.old_password_flag = False

        return 0

    def clean_old_password(self, *args, **kwargs):
        old_password = self.cleaned_data.get('old_password')

        if not old_password:
            raise forms.ValidationError("You must enter your old password.")

        if self.old_password_flag == False:
            # Raise the validation error: the password entered by the user does not match the actual old password.
            raise forms.ValidationError("The old password that you have entered is wrong.")

        return old_password

views.py

from django.contrib.auth import update_session_auth_hash
from django.contrib.auth.models import User
from django.shortcuts import redirect, render

from .forms import changePassForm

def settings(request):
    if request.user.is_authenticated:
        form = changePassForm(request.POST or None)

        old_password = request.POST.get("old_password")
        new_password = request.POST.get("new_password")
        re_new_password = request.POST.get("re_new_password")

        if request.POST.get("old_password"):
            user = User.objects.get(username=request.user.username)

            # The old password entered by the user is checked against the password in the database.
            if user.check_password('{}'.format(old_password)) == False:
                form.set_old_password_flag()

        if form.is_valid():
            user.set_password('{}'.format(new_password))
            user.save()
            # Keep the current session valid after the password change
            update_session_auth_hash(request, user)

            return redirect('settings')

        else:
            return render(request, 'settings.html', {"form": form})

    else:
        return redirect('login')

settings.html

<h1>Settings Page</h1>

<h2>Change Password</h2>

<form action="" method="POST">

    {% csrf_token %}

    {{ form.as_p }}

    <input type="submit" value="Update">

</form>

<form class="form-horizontal" action="/your_views/reset_password/" method="post">
    {% csrf_token %}
    <div class="form-group">
        <div class="col-md-12">
            <input type="password" placeholder="Old password" id="old_password" name="old_password" autocomplete="off" required class="form-control">
        </div>
    </div>
    <div class="form-group">
        <div class="col-md-12">
            <input type="password" placeholder="New password" id="password1" name="password1" autocomplete="off" required class="form-control">
        </div>
    </div>
    <div class="form-group">
        <div class="col-md-12">
            <input type="password" placeholder="Re-new password" id="password2" name="password2" autocomplete="off" required class="form-control">
        </div>
    </div>
    <div class="form-group">
        <div class="col-md-12">
            <button type="submit" class="btn btn-block btn-success" style="background: #00A79D;">Reset</button>
        </div>
    </div>
</form>

I implemented a method for Sign In with JWT and what it does is:

  1. Fetches the email and password that are sent with the request and converts them into string variables.
  2. I check if the email already exists in the custom user model I made.
  3. If the user already exists, I convert the object model to a dictionary so that I can get its particular password.
  4. In that, I match the password corresponding to the user model and the password that is sent with the POST request.
  5. If the email exists in the user model and the password corresponding to that user model matches the password that is sent with the POST request, I use pyJWT to make the JWT with my custom data and return the response.
  6. In all other cases the email and password don't match and I return "No Match".

Suppose the request is {"email":"xyz@gmail.com", "password":"12345" }

    import jwt
    from rest_framework.decorators import api_view
    from rest_framework.response import Response

    # User is the custom user model described above

    @api_view(['POST'])
    def signin(request):
        email = list(request.data.values())[0]  # gets email value from post request {"email":"xyz@gmail.com", "password":"123"} -> this xyz@gmail.com
        password = list(request.data.values())[1]  # gets password value from post request {"email":"xyz@gmail.com", "password":"123"} -> this 123

        usr = User.objects.filter(email=email).exists()  # checks if email exists
        if usr:
            dictionary = User.objects.filter(email=email).values()[0]  # converts object to dictionary for accessing data like dictionary["password"], dictionary["first_name"] etc.
            if usr and dictionary["password"] == password:  # check if the stored password for this email matches the password that is sent
                branch = dictionary["branch"]
                id = dictionary["id"]
                encoded_jwt = jwt.encode({'email': email,}, 'secret', algorithm='HS256')
                return Response({'token': encoded_jwt, 'email': email, 'branch': branch, 'id': id})
            else:
                return Response({'No Match'})
        return Response({'No Match'})
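An added example, not part of any answer above: a standard-library sketch of what check_password and set_password do with the `algorithm$iterations$salt$hash` value that Django's PBKDF2 hasher stores. It shows why comparing the stored column to the submitted password with `==` only matches when the column holds plaintext, and runs the old-password and confirmation checks from the earlier answers. The function names mirror Django's but are local re-implementations; ITERATIONS, the salt and the passwords are constructed for illustration.

```python
import base64
import hashlib
import hmac
import secrets

ITERATIONS = 100_000  # assumed work factor for this sketch

def make_password(raw, salt=None, iterations=ITERATIONS):
    """Encode raw as algorithm$iterations$salt$hash (salted PBKDF2-SHA256)."""
    salt = salt or secrets.token_hex(8)
    dk = hashlib.pbkdf2_hmac("sha256", raw.encode(), salt.encode(), iterations)
    return "pbkdf2_sha256$%d$%s$%s" % (iterations, salt, base64.b64encode(dk).decode())

def check_password(raw, encoded):
    """Recompute the hash with the stored salt and compare in constant time."""
    try:
        algorithm, iterations, salt, _ = encoded.split("$", 3)
        iterations = int(iterations)
    except ValueError:
        return False  # stored value is not a hash in this layout (e.g. plaintext)
    if algorithm != "pbkdf2_sha256":
        return False
    candidate = make_password(raw, salt, iterations)
    return hmac.compare_digest(candidate.encode(), encoded.encode())

def change_password(encoded, old, new, confirm):
    """Return (stored_value, error); the stored value changes only if all checks pass."""
    if not check_password(old, encoded):
        return encoded, "old password is wrong"
    if not new or new != confirm:
        return encoded, "new passwords do not match"
    return make_password(new), None

# Constructed sample: the password column for one user after set_password("12345").
STORED = make_password("12345", salt="constructedsalt")

def demo():
    return {
        "plain_equals_stored": STORED == "12345",  # the == comparison from the sign-in view
        "check_ok": check_password("12345", STORED),
        "check_bad": check_password("54321", STORED),
    }

if __name__ == "__main__":
    print(demo())
```

In a Django view the same checks are `user.check_password(old)` followed by `user.set_password(new)` and `user.save()`, as the earlier answers show.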
