堆棧內存溢出
  簡體   English   中英

為什么django 1.6在contrib.auth.views.password_reset_confirm視圖上將“ form”設置為“ none”?

[英]Why is django 1.6 setting “form” to “none” on the contrib.auth.views.password_reset_confirm view?

 原文  2014-02-19 18:59:16       python/ django/ django-registration/ django-1.6

問題描述

我正在使用django 1.6和django-registration 1.0。

我不得不在django-registration上修補這些URL,因為它們截至2014年2月19日尚未發布其更新。

除password_reset_confirm之外,所有密碼重置URL /視圖均有效。

在我的主要urls.py文件中,我有以下內容: 

url(r'^accounts/', include('registration.backends.simple.urls')),

在注冊/后端/簡單/ urls.py上,我有這個: 

from django.conf.urls import include
from django.conf.urls import patterns
from django.conf.urls import url
from django.views.generic.base import TemplateView

from registration.backends.simple.views import RegistrationView


urlpatterns = patterns('',
                       url(r'^register/$',
                           RegistrationView.as_view(),
                           name='registration_register'),
                       url(r'^register/closed/$',
                           TemplateView.as_view(template_name='registration/registration_closed.html'),
                           name='registration_disallowed'),
                       (r'', include('registration.auth_urls')),
                       )

from django.contrib.auth import views as auth_views

# THIS IS A PATCH added by me !!!
urlpatterns = patterns('',

      # override the default urls
      url(r'^password/change/$',
                    auth_views.password_change,
                    name='password_change'),
      url(r'^password/change/done/$',
                    auth_views.password_change_done,
                    name='password_change_done'),
      url(r'^password/reset/$',
                    auth_views.password_reset,
                    name='password_reset'),
      url(r'^password/reset/done/$',
                    auth_views.password_reset_done,
                    name='password_reset_done'),
      url(r'^password/reset/complete/$',
                    auth_views.password_reset_complete,
                    name='password_reset_complete'),
      url(r'^password/reset/confirm/(?P<uidb64>[0-9A-Za-z]+)-(?P<token>.+)/$',
                    auth_views.password_reset_confirm,
                    name='password_reset_confirm'),

      # and now add the registration urls
      url(r'', include('registration.backends.default.urls')),
)

Django1.6 django / contrib / auth / views.py具有password_reset_confirm的功能: 

# Doesn't need csrf_protect since no-one can guess the URL
@sensitive_post_parameters()
@never_cache
def password_reset_confirm(request, uidb64=None, token=None,
                           template_name='registration/password_reset_confirm.html',
                           token_generator=default_token_generator,
                           set_password_form=SetPasswordForm,
                           post_reset_redirect=None,
                           current_app=None, extra_context=None):
    """
    View that checks the hash in a password reset link and presents a
    form for entering a new password.
    """
    UserModel = get_user_model()
    assert uidb64 is not None and token is not None  # checked by URLconf
    if post_reset_redirect is None:
        post_reset_redirect = reverse('password_reset_complete')
    else:
        post_reset_redirect = resolve_url(post_reset_redirect)
    try:
        uid = urlsafe_base64_decode(uidb64)
        user = UserModel._default_manager.get(pk=uid)
    except (TypeError, ValueError, OverflowError, UserModel.DoesNotExist):
        user = None

    if user is not None and token_generator.check_token(user, token):
        validlink = True
        if request.method == 'POST':
            form = set_password_form(user, request.POST)
            if form.is_valid():
                form.save()
                return HttpResponseRedirect(post_reset_redirect)
        else:
            form = set_password_form(None)
    else:
        validlink = False
        form = None
    context = {
        'form': form,
        'validlink': validlink,
    }
    if extra_context is not None:
        context.update(extra_context)
    return TemplateResponse(request, template_name, context,
                            current_app=current_app)

因此,token_generator.check_token(user,token)返回False或user == None。

最大的痛苦是,這只是隨機發生(在我看來是這樣)。 因此調試很痛苦。 有時它可以工作( {{ form }}呈現輸入),而常常失敗( {{ form }}呈現“ None”代替輸入標記)

任何幫助將非常感激。

1 個解決方案

解決方案1
 0 已采納  2014-02-19 19:42:42

由於某種原因, token_generator.check_token(user, token)正在確定時間戳/ uid已被篡改。 這意味着需要一個新令牌,並且需要生成此類令牌。

從模板中,我將檢測到{{ form }}為“ None”。 如果是這種情況,我將放置一個鏈接,以重新啟動整個過程。 

{% if form != None %}
    <div class="modal-body">
        <p>Type in a new password. Try not to forget this one!</p>
        {{ form }}
    </div>
    <div class="modal-footer">
        <button type="submit" class="btn btn-primary"><span>Continue</span></button>
    </div>
{% else %}
    <div class="modal-body">
        <p>This link has expired. You'll need to click "Reset Password" again.</p>
        <p><a class="btn btn-primary" href="{% url 'auth_password_reset' %}">Reset Password</a></p>
    </div>
{% endif %}

這很重要,因為如果您沒有安裝django-bootstrap-form,它將窒息並拋出500錯誤。

暫無
暫無

聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.

相關問題 路徑已棄用(django.contrib.auth.views.password_reset_confirm) NoReverseMatch:反向為``django.contrib.auth.views.password_reset_confirm&#39;&#39; password_reset行185中的&#39;str&#39;對象不可調用/django/contrib/auth/views.py “AttributeError: module 'django.contrib.auth.views' has no attribute 'password_reset'” urls.py 中的錯誤 Django內置了用於密碼重置的身份驗證視圖-表單未顯示 如何在Django中更改contrib.auth.views.password_change視圖文本? 密碼重置django 1.6 貢獻驗證重置密碼錯誤 django視圖的password_reset_confirm.html 在Django 1.6中重置密碼
相關標簽
 
粵ICP備18138465號  © 2020-2024 STACKOOM.COM