Use Django 1.11 reset and login mechanism

Fixes a bug in authtools with Django 1.11 where if you reset a password for a user while logged in you would get an error
fusionbox · Sep 19, 2017 · 71ebc56 · 71ebc56
1 parent 1e34e02
commit 71ebc56
Showing 1 changed file with 9 additions and 1 deletion.
diff --git a/authtools/views.py b/authtools/views.py
@@ -394,12 +394,20 @@ def save_form(self, form):
 
 class PasswordResetConfirmAndLoginView(PasswordResetConfirmView):
     success_url = resolve_url_lazy(settings.LOGIN_REDIRECT_URL)
+    post_reset_login = True
 
     def save_form(self, form):
         ret = super(PasswordResetConfirmAndLoginView, self).save_form(form)
         user = auth.authenticate(username=self.user.get_username(),
                                  password=form.cleaned_data['new_password1'])
-        auth.login(self.request, user)
+
+        if INTERNAL_RESET_SESSION_TOKEN and INTERNAL_RESET_URL_TOKEN:
+            # post_reset_login will log the user in in Django 1.11. We don't
+            # need to do it here. But we do have to set the backend.
+            self.post_reset_login_backend = user.backend
+        else:
+            auth.login(self.request, user)
+
         return ret