New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Redirect to home page after successful password change #468
Comments
The only way to do that now is override the PasswordChangeView (see the success_url property). |
@addremove, that will indeed make the password change view redirect to the home page. However, the "endless cycle" of password change->login occurs due to @pennersr, is there any reason why changing passwords doesn't redirect to, say, the login page? This would be the net effect of redirecting to the change password page, but without the To anyone who wants the behavior described above, I fixed it like so: # views.py
class LoginAfterPasswordChangeView(PasswordChangeView):
@property
def success_url(self):
return reverse_lazy('account_login')
login_after_password_change = login_required(LoginAfterPasswordChangeView.as_view()) # urls.py
url(r'^accounts/password/change/$', views.login_after_password_change,
name='account_change_password'), # Place before allauth urls to override
url(r'^accounts/', include('allauth.urls')),
... |
`allauth` defaults to a loop in which changing your password redirects you to the login page, which redirects you to change your password, which redirects you... Change this behavior so that a successful password change just prompts you to log in (which can redirect wherever it wants, the home page in this case). See pennersr/django-allauth#468 for more.
One question: I've written the code as above. The new url is caught by url.conf, so I know that its using the new class that subclasses PasswordChangeView. But, the new property from success_url seems to be ignored. Is there something I am missing? That is to say nothing is being overridden. |
Hm, you're not missing anything to my knowledge. (This solution works for me) |
Just to check, here is what I have profiles/urls.py:
profiles/views.py:
This should result in:
Neither of these happen. It just seems to pass through and use everything in PasswordChangeView. Note: if I add this block to allauth/account/views.py, then it redirects to /unknown/ |
Your URL pattern should likely read |
Actually I didn't make this clear. I think I have covered all of your concerns. See below. The main urls.conf grabs the url that I am using, '/accounts/profile/password/change/' with this entry:
Then profiles.urls reads as noted above. |
Okay, I've made some progress, based on your questions. For the main urls.py:
And, from profiles/views.py:
|
I understand now. Even though my first entry point was with my custom class, subsequently the template that was used posted this way:
So once this was submitted, the data was posted not to the url that pointed to my custom view, but to the allauth/account view that I was trying to override. Thanks again. |
Hey guys, how can i make it so that after a password change i don't get logged out? I am able to do the redirect but it always logges me out before which i do not want.. |
@psychok7 it looks like in Django 1.7 they updated the auth engine to log a user out when they change their own password. I got this working with django-allauth by overriding the form_valid method of the PasswordChangeView class and adding in update_session_auth_hash(request, user), as per the Django docs: My views.py:
And my urls.py:
|
@benedwards44 thanks for that. it makes sense to me that a password reset would invalidate all sessions, but revalidate the current session only. |
@benedwards44 thanks works great |
@benedwards44 thanks |
@benedwards44 will this keep the user logged in after they change their password but just update the current users session? |
@Omnipresent that's correct, the user will stay logged in. |
@benedwards44 that works great (django 1.11) and thanks, mate, for the snippet. Just what I needed. I presume allauth is not being actively maintained any longer, howsomever useful. |
This issue seems to have started about redirecting to an url after successful change of the password and, somehow, have evolved into re-validating the session after the password change. I just checked with allauth version 0.36 and the session was valid after the password change, so there is no need for custom code. As far as the redirect is concerned, I came to think that it is more appropriate to show the password change form in a modal, thus, the user will just exit out of, and there will be no need to redirect. |
This is still broken. I am on django-allauth 0.39.1 and django 1.11. After successful password change I am always redirected back to reset password page (/accounts/password/change/) . I also tried to use ACCOUNT_LOGOUT_REDIRECT_URL="/" and even ACCOUNT_LOGIN_ON_PASSWORD_RESET=True but those options are completely ignored :( |
Problem solved. To fix the URL of the page after the password has been changed and the user has logged: First, override allauth url:
Second, change
That's all. |
if you working on templates then you need to create a specific template file or html file which will redirect you to the home page. Also you need to put your template file in below location only ! templates(folder)/registration(folder)/password_reset_complete.html add below code inside your password_reset_complete.html file. Do not forget to create a login.html file also (at the same location)
|
Can be done solely in from allauth.account import views as allauth_views
from django.contrib.auth.decorators import login_required
from django.urls import reverse_lazy
urlpatterns = [
path(
'account/password/change/',
login_required(
allauth_views.PasswordChangeView.as_view(
success_url=reverse_lazy('some_path_name')
)
),
name='account_change_password'
),
# after custom pattern
path('account/', include('allauth.urls')),
] |
Don't forget to add login_required() decorator since the decorator is added explicitly on allauth side.
|
Note that for most fresh installs nowadays, |
This should be in the documentation, thank you! |
Try to change password at /accounts/password/change. It will offer you to change password again. How can I specify the url redirect to?
The text was updated successfully, but these errors were encountered: