Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Unify and isolate password changes in password change views

ChangePasswordView and PasswordResetTokenView both change the password of the
acting user. Their APIs are now unified.

ChangePasswordView used to rely on the form to set the user's password. This
has been moved to the view as the correct place for this behavior. This is
backwards incompatible for forms that overrode ChangePasswordForm.save to
modify the password setting behavior.

PasswordResetTokenView has been unified with the new API given to
ChangePasswordView. The password_changed signal is now fired from the view
when the password is changed.

The new API now isolates the password change behavior from actions to take
after the password has been changed on the User model or any other behavior
a site developer needs to take when password is being changed.
  • Loading branch information...
commit 5db1fb63437345a5b908a06bc4a1b5bb2d609656 1 parent 3ea658f
@brosner brosner authored
Showing with 15 additions and 7 deletions.
  1. +0 −4 account/forms.py
  2. +15 −3 account/views.py
View
4 account/forms.py
@@ -141,10 +141,6 @@ def clean_password_new_confirm(self):
if self.cleaned_data["password_new"] != self.cleaned_data["password_new_confirm"]:
raise forms.ValidationError(_("You must type the same password each time."))
return self.cleaned_data["password_new_confirm"]
-
- def save(self, user):
- user.set_password(self.cleaned_data["password_new"])
- user.save()
class PasswordResetForm(forms.Form):
View
18 account/views.py
@@ -389,7 +389,12 @@ def post(self, *args, **kwargs):
def change_password(self, form):
user = self.request.user
- form.save(user)
+ user.set_password(form.cleaned_data["password_new"])
+ user.save()
+
+ def after_change_password(self):
+ user = self.request.user
+ signals.password_changed.send(sender=ChangePasswordView, user=user)
if settings.ACCOUNT_NOTIFY_ON_PASSWORD_CHANGE:
self.send_email(user)
if self.messages.get("password_changed"):
@@ -398,7 +403,6 @@ def change_password(self, form):
self.messages["password_changed"]["level"],
self.messages["password_changed"]["text"]
)
- signals.password_changed.send(sender=ChangePasswordForm, user=user)
def get_form_kwargs(self):
"""
@@ -414,6 +418,7 @@ def get_form_kwargs(self):
def form_valid(self, form):
self.change_password(form)
+ self.after_change_password()
return redirect(self.get_success_url())
def get_context_data(self, **kwargs):
@@ -528,16 +533,23 @@ def get_context_data(self, **kwargs):
})
return ctx
- def form_valid(self, form):
+ def change_password(self, form):
user = self.get_user()
user.set_password(form.cleaned_data["password"])
user.save()
+
+ def after_change_password(self):
+ signals.password_changed.send(sender=PasswordResetTokenView, user=user)
if self.messages.get("password_changed"):
messages.add_message(
self.request,
self.messages["password_changed"]["level"],
self.messages["password_changed"]["text"]
)
+
+ def form_valid(self, form):
+ self.change_password(form)
+ self.after_change_password()
return redirect(self.get_success_url())
def get_redirect_field_name(self):

0 comments on commit 5db1fb6

Please sign in to comment.
Something went wrong with that request. Please try again.