Views¶
django-authtools provides the following class-based views, intended to be mostly drop-in replacements for their built-in counterparts.
In addition to the built-in views, there is a new
PasswordResetConfirmAndLoginView
that logs in the user and redirects
them after they reset their password.
Note
The view functions in Django were wrapped in decorators. The classed-based views provided by django-authtools have the same decorators applied to their view functions. Any subclasses of these views will also have the same decorators applied.
-
class
authtools.views.
LoginView
¶ The view function
authtools.views.login()
replacesdjango.contrib.auth.views.login()
.-
disallow_authenticated
¶ When
True
, authenticated users will be automatically redirected to thesuccess_url
when visiting this view. Defaults toTrue
.
-
-
class
authtools.views.
LogoutView
¶ The view functions
authtools.views.logout()
andauthtools.views.logout_then_login()
replacedjango.contrib.auth.views.logout()
django.contrib.auth.views.logout_then_login()
respectively.-
url
¶ The URL to redirect to after logging in. This replaces the
login_url
parameter present in the built-in function.For the
logout_then_login()
this is default toLOGIN_REDIRECT_URL
.
-
-
class
authtools.views.
PasswordChangeView
¶ The view function
authtools.views.password_change()
replacesdjango.contrib.auth.views.password_change()
.-
success_url
¶ This replaces the
post_change_redirect
parameter present in the built-in function. Uses thenext
URL parameter or defaults to the ‘password_change_done’ view.
-
-
class
authtools.views.
PasswordChangeDoneView
¶ The view function
authtools.views.password_change_done()
replacesdjango.contrib.auth.views.password_change_done()
.
-
class
authtools.views.
PasswordResetView
¶ The view function
authtools.views.password_reset()
replacesdjango.contrib.auth.views.password_reset()
.-
success_url
¶ The pages which the user should be redirected to after requesting a password reset. This replaces the
next_page
parameter present in the built-in function. Defaults to the ‘password_reset_done’ view.
-
form_class
¶ The form class to present the user. This replaces the
password_reset_form
parameter present in the built-in function.
Django 1.6 removed the email check from this view in order to avoid leaking user email addresses.
In some cases, this can worsen user experience without providing any extra security. For example, if email addresses are unique, then the registration form will be leaking email addresses.
If you’re in this case, and you wish to improve usability of this view informing the user if they did any typo, you can do:
# yourproject/urls.py urlpatterns += patterns( # ... # ... url('^auth/password_reset/$', PasswordResetView.as_view(FriendlyPasswordResetForm), name='password_reset'), url('^auth/', include('authtools.urls'), # ... )
-
-
class
authtools.views.
PasswordResetDoneView
¶ The view function
authtools.views.password_reset_done()
replacesdjango.contrib.auth.views.password_reset_done()
.
-
class
authtools.views.
PasswordResetConfirmView
¶ The view function
authtools.views.password_reset_confirm()
replacesdjango.contrib.auth.views.password_reset_confirm()
.-
success_url
¶ Where to redirect the user after resetting their password. This replaces the
post_reset_redirect
parameter present in the built-in function.
-
form_class
¶ The form class to present the user when resetting their password. The form class must provide a
save
method like in thedjango.contrib.auth.forms.SetPasswordForm
This replaces theset_password_form
parameter present in the built-in function. Default isdjango.contrib.auth.forms.SetPasswordForm
.
Note
Django 1.6 changed this view to support base-64 encoding the user’s pk. Django provides a different view for each type of encoding, but our view works with both, so we only have a single view.
This was a backwards-incompatible change in Django, so be sure to update your urlpatterns and anywhere you reverse the
password_reset_confirm
URL (like the password reset email template,registration/password_reset_email.html
).-
-
class
authtools.views.
PasswordResetConfirmAndLoginView
¶ Available as the view function
authtools.views.password_reset_confirm_and_login()
.This is like
PasswordResetConfirmView
, but also logs the user in after resetting their password. By default, it will redirect the user to theLOGIN_REDIRECT_URL
.If you wanted to use this view, you could have a url config that looks like:
urlpatterns = patterns('', url('^reset/(?P<uidb36>[0-9A-Za-z]{1,13})-(?P<token>[0-9A-Za-z]{1,13}-[0-9A-Za-z]{1,20})/$', 'authtools.views.password_reset_confirm_and_login', name='password_reset_confirm'), url('^', include('authtools.urls')), )
Note
In Django 1.6, the
uidb36
kwarg was changed touidb64
, so your url will look like:url(r'^reset/(?P<uidb64>[0-9A-Za-z_\-]+)/(?P<token>[0-9A-Za-z]{1,13}-[0-9A-Za-z]{1,20})/$', 'authtools.views.password_reset_confirm_and_login', name='password_reset_confirm'),
Like
PasswordResetConfirmView
, this view supports bothuid36
anduidb64
.
-
class
authtools.views.
PasswordResetCompleteView
¶ The view function
authtools.views.password_reset_complete()
replacesdjango.contrib.auth.views.password_reset_complete()
.