Password reset confirm url

[lemieux]

How do you build the password reset confirm url in the email template? I can't figure out how to do it.

[tarak]

Check password_policies.forms.PasswordResetForm and especially the save() method. Line 212 in

password_policies/forms/__init__.py

In a template do this:

{{ protocol }}://{{ domain }}/account/email/change/confirm/{{ signature }}/

Hope that helps.

I'm closing this issue. If you have any questions, feel free to reopen this issue.

[lemieux]

Thanks for the answer, but it doesn't work. I read the code and it doesn't help either. Line 212 tells me that it generates a signature for the link, but nothing on how the url should be generated since the url is not reversable by the {% url %} tag.

I tried what you told me. Here is my template:

{% load i18n %}{% autoescape off %}
{% blocktrans %}You're receiving this email because you requested a password reset for your user account at {{ site_name }}.{% endblocktrans %}

{% trans "Please go to the following page and choose a new password:" %}
{% block reset_link %}
{{ protocol }}://{{ domain }}/password/reset/confirm/{{signature}}/
{% endblock %}
{% trans "Your username, in case you've forgotten:" %} {{ user.get_username }}

{% trans "Thanks for using our site!" %}

{% blocktrans %}The {{ site_name }} team{% endblocktrans %}

{% endautoescape %}

Here's the rendered version :

You're receiving this email because you requested a password reset for your user account at 127.0.0.1:8000.

Please go to the following page and choose a new password:

http://127.0.0.1:8000/password/reset/confirm/u7H2WsFzc9Jl-nHQDUqLh3y6X60/

Your username, in case you've forgotten: Administrateur

Thanks for using our site!

The 127.0.0.1:8000 team

And i stil get a 404 when following the link.

From the url of this view (my prefix for the module is password)

^reset/confirm/([0-9A-Za-z]{1,13})/([0-9A-Za-z]{1,13})/(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)/$ [name='password_reset_confirm']

I can't figure out how I should be able to append only one variable at the end since I can see at least 2 / after confirm which tell me that the url should be something like /reset/confirm/{{var1}}/{{var2}}/{{var3}}/. This is confirmed by looking at password_policies/views.py Line 147 (PasswordResetConfirmView)

...
def dispatch(self, request, *args, **kwargs):
        self.uidb36 = args[0]
        self.timestamp = args[1]
        self.signature = args[2]
        self.validlink = False
        if self.uidb36 and self.timestamp and self.signature:
...

I don't know where to look now.

Here is my project dependencies if it can help :

Django==1.5.4
argparse==1.2.1
django-axes==1.3.5
django-bcrypt==0.9.2
django-easysettings==1.0.1
django-encrypted-cookie-session==1.1.1
django-password-policies==0.2
django-widget-tweaks==1.3
py-bcrypt==0.4
wsgiref==0.1.2

Thanks again for your time.

[tarak]

Damn... What the heck did I do there....? Reopen!

[tarak]

Thanks for reporting this, by the way...

[lemieux]

No problem... my description wasn't that helpful at first ;)

[tarak]

Marc-Antoine, please try this in your template:

{% load i18n %}{% autoescape off %}
{% blocktrans %}You're receiving this email because you requested a password reset for your user account at {{ site_name }}.{% endblocktrans %}

{% trans "Please go to the following page and choose a new password:" %}
{% block reset_link %}
{{ protocol }}://{{ domain }}{% url 'password_reset_confirm' uid timestamp signature %}
{% endblock %}
{% trans "Your username, in case you've forgotten:" %} {{ user.get_username }}

{% trans "Thanks for using our site!" %}

{% blocktrans %}The {{ site_name }} team{% endblocktrans %}

{% endautoescape %}

[lemieux]

I get a

Reverse for 'password_reset_confirm' with arguments '(u'1', u'1VnGt0', u'J7BpEtdYX9lF69wEZ4Z18zqTy-c')' and keyword arguments '{}' not found.

[tarak]

I think the dash in J7BpEtdYX9lF69wEZ4Z18zqTy-c does not get catched by the regex in the urlconf. can you try to override the url like this in your project's url.py file?

from password_policies.views import PasswordResetConfirmView

# ... The rest of your url.py file content...

url(r'^password/reset/confirm/([0-9A-Za-z]{1,13})/([0-9A-Za-z]{1,13})/([0-9A-Za-z-_=]{1,32})/$', passwordResetConfirmView.as_view(), name="password_reset_confirm"),

You need to put the line before the include of the password_policies urlconf.

[lemieux]

I finally made it work with this url pattern

    url(r'^reset/confirm/([0-9A-Za-z]{1,13})/([0-9A-Za-z]{1,13})/([0-9A-Za-z-=_]{1,32})/$', PasswordResetConfirmView.as_view(), name="password_reset_confirm"),

[tarak]

Yep, I need to find a suitable regex to catch the signature string... I will change the urlconf temporarily to the one that worked for you and get that into the master branch. is it ok for you to use the workaround for a couple of days?

[lemieux]

No problem, take your time. I patched it in my urlconf and this is only for a project for my class... I won't really need it after tomorrow.