def password_reset(request, template):
"""Password reset form.
Based on django.contrib.auth.views. This view sends the email.
"""
if request.method == "POST":
form = PasswordResetForm(request.POST)
was_valid = form.is_valid()
if was_valid:
# TODO: We aren't using Jingo anymore, but I'm not sure what
# to do with the below.
#
# TODO: Since we're using Jingo in a way that doesn't
# override the Django template loader, the pw_reset.ltxt
# email template must be a Django template and not a Jinja
# template.
#
# After we switch all the rendering everywhere, we can
# probably change this back. Until then, I'm pretty sure
# this won't get translated.
try_send_email_with_form(
form.save,
form,
"email",
use_https=request.is_secure(),
token_generator=default_token_generator,
text_template="users/email/pw_reset.ltxt",
html_template="users/email/pw_reset.html",
subject_template_name="users/email/pw_reset_subject.ltxt",
)
# Form may now be invalid if email failed to send.
# PasswordResetForm is invalid iff there is no user with the entered
# email address.
# The condition below ensures we don't leak existence of email address
# _unless_ sending an email fails.
if form.is_valid() or not was_valid:
# Don't leak existence of email addresses.
return HttpResponseRedirect(reverse("users.pw_reset_sent"))
else:
form = PasswordResetForm()
return render(request, template, {"form": form})
def password_reset(request):
"""Password reset form.
Based on django.contrib.auth.views. This view sends the email.
"""
if request.method == "POST":
form = PasswordResetForm(request.POST)
was_valid = form.is_valid()
if was_valid:
# TODO: We aren't using Jingo anymore, but I'm not sure what
# to do with the below.
#
# TODO: Since we're using Jingo in a way that doesn't
# override the Django template loader, the pw_reset.ltxt
# email template must be a Django template and not a Jinja
# template.
#
# After we switch all the rendering everywhere, we can
# probably change this back. Until then, I'm pretty sure
# this won't get translated.
try_send_email_with_form(
form.save,
form,
'email',
use_https=request.is_secure(),
token_generator=default_token_generator,
text_template='users/email/pw_reset.ltxt',
html_template='users/email/pw_reset.html',
subject_template_name='users/email/pw_reset_subject.ltxt')
# Form may now be invalid if email failed to send.
# PasswordResetForm is invalid iff there is no user with the entered
# email address.
# The condition below ensures we don't leak existence of email address
# _unless_ sending an email fails.
if form.is_valid() or not was_valid:
# Don't leak existence of email addresses.
return HttpResponseRedirect(reverse('users.pw_reset_sent'))
else:
form = PasswordResetForm()
return render(request, 'users/pw_reset_form.html', {'form': form})