8

In my application I am using Django Allauth. I don't have any registration form for users. The admin is going to register users by uploading an excel file that contains user info. I have done all of this and users are saved in the user table by auto generating passwords. After I upload user lists and save them in database, I want to send a reset password email to each user.

In allauth to reset password you first need to go to reset page account/password/reset/ and type your email. then an email is send which directs you to change your password account/password/reset/key/(?P<uidb36>[0-9A-Za-z]+)-(?P<key>.+)/

Is it possible to send the email directly within the app? The url contains a key that I don't know how to generate!! Or is there any better way to do that?

Marjan Kalanaki
  • 183
  • 1
  • 4
  • 13

3 Answers3

15

It's possible. My solution implements a User model post_save signal to call the Allauth Password reset view which will send the user the email. The first thing to consider is to make the user email address mandatory in the admin user create form (as explained here). And then use this code:

from allauth.account.views import PasswordResetView

from django.conf import settings
from django.dispatch import receiver
from django.http import HttpRequest
from django.middleware.csrf import get_token


@receiver(models.signals.post_save, sender=settings.AUTH_USER_MODEL)
def send_reset_password_email(sender, instance, created, **kwargs):

    if created:

        # First create a post request to pass to the view
        request = HttpRequest()
        request.method = 'POST'

        # add the absolute url to be be included in email
        if settings.DEBUG:
            request.META['HTTP_HOST'] = '127.0.0.1:8000'
        else:
            request.META['HTTP_HOST'] = 'www.mysite.com'

        # pass the post form data
        request.POST = {
            'email': instance.email,
            'csrfmiddlewaretoken': get_token(HttpRequest())
        }
        PasswordResetView.as_view()(request)  # email will be sent!
davecaputo
  • 331
  • 3
  • 8
  • Thank you so much. Your answer was just in time :) I had implemented it in a not clean way but your solution is great and is working well. – Marjan Kalanaki Oct 01 '17 at 20:34
  • I'm glad it was helpful :) – davecaputo Oct 01 '17 at 21:18
  • This works. Thank you. I want send the mail from ajax (where user enters his/her mail and maybe we see he/she has_unusable_password()), so I can (I hope so, but have yet tested with localhost:8000 only) set the HTTP_HOST from original request: fake_request.META['HTTP_HOST'] = (original_)request.get_host() – mirek Aug 05 '20 at 12:56
  • For similar stupid people as me: In my case I have had an ajax call and I needed send the mail + return some json as response to the ajax call. And I have used this answer. Of course, inside ajax call I already have the request as the needed parameter for PasswordResetView. When I construct and send a fake request, everything works. BUT: contextmanagers of PasswordResetView will receive different request as the correct one which went through all middlewares. So if you depend in contextmanagers on your middleware changes in request, it will fail (much later and with a difficult error). – mirek Dec 11 '20 at 16:19
5

You can try to get URL for specific user using something like this:

from allauth.account.forms import EmailAwarePasswordResetTokenGenerator
from allauth.account.utils import user_pk_to_url_str

token_generator = EmailAwarePasswordResetTokenGenerator()
user = User.objects.get(email='example@example.com')
temp_key = token_generator.make_token(user)
path = reverse("account_reset_password_from_key", 
               kwargs=dict(uidb36=user_pk_to_url_str(user), key=temp_key))
nikitko43
  • 79
  • 1
  • 2
  • 3
0

Following from @davecaputo's answer, you can also directly submit the form instead of creating and calling the view:

from allauth.account.forms import ResetPasswordForm
from django.conf import settings
from django.http import HttpRequest


def send_password_reset(user: settings.AUTH_USER_MODEL):
    request = HttpRequest()
    request.user = user
    request.META["HTTP_HOST"] = "www.mysite.com"

    form = ResetPasswordForm({"email": user.email})
    if form.is_valid():
        form.save(request)
Matthew
  • 559
  • 7
  • 10