Views

django-authtools provides the following class-based views, intended to be mostly drop-in replacements for their built-in counterparts.

In addition to the built-in views, there is a new PasswordResetConfirmAndLoginView that logs in the user and redirects them after they reset their password.

Note

The view functions in Django were wrapped in decorators. The classed-based views provided by django-authtools have the same decorators applied to their view functions. Any subclasses of these views will also have the same decorators applied.

class authtools.views.LoginView

The view function authtools.views.login() replaces django.contrib.auth.views.login().

disallow_authenticated

When True, authenticated users will be automatically redirected to the success_url when visiting this view. Defaults to True.

class authtools.views.LogoutView

The view functions authtools.views.logout() and authtools.views.logout_then_login() replace django.contrib.auth.views.logout() django.contrib.auth.views.logout_then_login() respectively.

url

The URL to redirect to after logging in. This replaces the login_url parameter present in the built-in function.

For the logout_then_login() this is default to LOGIN_REDIRECT_URL.

template_name

If url is None and there is no next parameter, LoginView will act like a TemplateView and display a template.

class authtools.views.PasswordChangeView

The view function authtools.views.password_change() replaces django.contrib.auth.views.password_change().

success_url

This replaces the post_change_redirect parameter present in the built-in function. Uses the next URL parameter or defaults to the ‘password_change_done’ view.

class authtools.views.PasswordChangeDoneView

The view function authtools.views.password_change_done() replaces django.contrib.auth.views.password_change_done().

class authtools.views.PasswordResetView

The view function authtools.views.password_reset() replaces django.contrib.auth.views.password_reset().

success_url

The pages which the user should be redirected to after requesting a password reset. This replaces the next_page parameter present in the built-in function. Defaults to the ‘password_reset_done’ view.

form_class

The form class to present the user. This replaces the password_reset_form parameter present in the built-in function.

Django 1.6 removed the email check from this view in order to avoid leaking user email addresses.

In some cases, this can worsen user experience without providing any extra security. For example, if email addresses are unique, then the registration form will be leaking email addresses.

If you’re in this case, and you wish to improve usability of this view informing the user if they did any typo, you can do:

# yourproject/urls.py
urlpatterns += patterns( # ...
    # ...
    url('^auth/password_reset/$',
        PasswordResetView.as_view(FriendlyPasswordResetForm),
        name='password_reset'),
    url('^auth/', include('authtools.urls'),
    # ...
)
class authtools.views.PasswordResetDoneView

The view function authtools.views.password_reset_done() replaces django.contrib.auth.views.password_reset_done().

class authtools.views.PasswordResetConfirmView

The view function authtools.views.password_reset_confirm() replaces django.contrib.auth.views.password_reset_confirm().

success_url

Where to redirect the user after resetting their password. This replaces the post_reset_redirect parameter present in the built-in function.

form_class

The form class to present the user when resetting their password. The form class must provide a save method like in the django.contrib.auth.forms.SetPasswordForm This replaces the set_password_form parameter present in the built-in function. Default is django.contrib.auth.forms.SetPasswordForm.

Note

Django 1.6 changed this view to support base-64 encoding the user’s pk. Django provides a different view for each type of encoding, but our view works with both, so we only have a single view.

This was a backwards-incompatible change in Django, so be sure to update your urlpatterns and anywhere you reverse the password_reset_confirm URL (like the password reset email template, registration/password_reset_email.html).

class authtools.views.PasswordResetConfirmAndLoginView

Available as the view function authtools.views.password_reset_confirm_and_login().

This is like PasswordResetConfirmView, but also logs the user in after resetting their password. By default, it will redirect the user to the LOGIN_REDIRECT_URL.

If you wanted to use this view, you could have a url config that looks like:

urlpatterns = patterns('',
    url('^reset/(?P<uidb36>[0-9A-Za-z]{1,13})-(?P<token>[0-9A-Za-z]{1,13}-[0-9A-Za-z]{1,20})/$',
        'authtools.views.password_reset_confirm_and_login', name='password_reset_confirm'),
    url('^', include('authtools.urls')),
)

Note

In Django 1.6, the uidb36 kwarg was changed to uidb64, so your url will look like:

url(r'^reset/(?P<uidb64>[0-9A-Za-z_\-]+)/(?P<token>[0-9A-Za-z]{1,13}-[0-9A-Za-z]{1,20})/$',
    'authtools.views.password_reset_confirm_and_login',
    name='password_reset_confirm'),

Like PasswordResetConfirmView, this view supports both uid36 and uidb64.

class authtools.views.PasswordResetCompleteView

The view function authtools.views.password_reset_complete() replaces django.contrib.auth.views.password_reset_complete().