0

Django silently fails and does not sends reset password emails if a usable password is not set for a user. How do we override this condition?

Django assumes that that LDAP auth needs to be used in case password is not set. But in our case, users can login via social auth, which does not sets the password for users. Reseting the password via email is the the only option if they wish to login using an email and password. How do we do this?

One possible method is to set a random password at the time of user registration, but we do not want to do that since it is not very intuitive.

References:

jerrymouse
  • 16,964
  • 16
  • 76
  • 97

1 Answers1

3

Here's what you need to do. Check out https://docs.djangoproject.com/en/1.8/_modules/django/contrib/auth/forms/

class PasswordResetForm has a method get_users:

def get_users(self, email):

    """Given an email, return matching user(s) who should receive a reset.

    This allows subclasses to more easily customize the default policies
    that prevent inactive users and users with unusable passwords from
    resetting their password.

    """
    active_users = get_user_model()._default_manager.filter(
        email__iexact=email, is_active=True)
    return (u for u in active_users if u.has_usable_password())

Override this method with this function:

def get_users(self, email):

    """Given an email, return matching user(s) who should receive a reset.

    This allows subclasses to more easily customize the default policies
    that prevent inactive users and users with unusable passwords from
    resetting their password.

    """
    active_users = get_user_model()._default_manager.filter(
        email__iexact=email, is_active=True)
    return active_users

To do this, you would build a custom form and override this method.

class PasswordResetFormAllowNoPassword(PasswordResetForm):

    def get_users(self, email):
        active_users = get_user_model()._default_manager.filter(
            email__iexact=email, is_active=True)
        return active_users
Aayush Agrawal
  • 1,354
  • 1
  • 12
  • 24
  • Here's a StackOverflow answer on how to use a custom Form to override a default Form: https://stackoverflow.com/questions/32604481/django-customize-reset-password-form – Aayush Agrawal Jul 09 '20 at 16:04