In this short tutorial, I will explain how to use Change Password and Reset or Forgot Password Functionality in Django. The process for Password Reset involves sending emails. For that matter, we are going to use console email backend and check if everything is functioning. Follow this tutorial how to send email using SMTP Email Service.
You may also like –
How to Create Change Password in Django
How to Create Reset / Forgot Password in Django
Prerequisite
Basically, all you need to have django.contrib.auth in your INSTALLED_APPS and an email service properly configurated (for production). In this tutorial, we are going to use console email backend which prints email in console(terminal/command line) instead of sending an email.
How to Create Change Password in Django
Implementing a built-in Change Password in Django is very easy. Django provides authentication and authorization. For Changing Password you need to get authenticated first.
In your urls.py, we need to import PasswordChangeView from Django Auth. By default, Django PasswordChangeView will render template registration/change_password.html. But we need some customization and we’ll tell PasswordChangeView to render a template from commons/change-password.html. success_url is also a way to redirect a user after changing the password successfully.
# urls.py
from django.contrib import admin
from django.urls import path, include
from django.contrib.auth import views as auth_views
urlpatterns = [
...
# Change Password
path(
'change-password/',
auth_views.PasswordChangeView.as_view(
template_name='commons/change-password.html',
success_url = '/'
),
name='change_password'
),
]
<!-- commons/change-password.html -->
{% extends 'base.html' %}
{% block title %}Change Password Page{% endblock title %}
{% block content %}
<h2>Change Password</h2>
<form method="post">
{% csrf_token %}
{{ form.as_p }}
<a href="{% url 'home' %}">Back</a>
<button type="submit">Submit</button>
</form>
{% endblock content %}
How to Create Reset / Forgot Password in Django
For Password Reset, we require 4 different Django 2.2 in-built Views. ( Django custom password reset email, Django override password reset form).Following are the views –
- PasswordResetView – This is the view where the user submits the email of the respective account using form.
- PasswordResetDoneView – View which automatically displays after submitting an email. On this page, you can give instructions for the futher process.
- PasswordResetConfirmView – This link is emailed to the user. Here token is validated against user data. Then a form is be displayed or error against invalidation.
- PasswordResetCompleteView – Page Display after successful Password Reset.
Lets import all the views and create routes in urls.py. By default, views try to render templates from the registeration folder template. But we are loading our own customs templates using template_name argument.
# urls.py
from django.contrib import admin
from django.urls import path, include
from django.contrib.auth import views as auth_views
urlpatterns = [
...
# Forget Password
path('password-reset/',
auth_views.PasswordResetView.as_view(
template_name='commons/password-reset/password_reset.html',
subject_template_name='commons/password-reset/password_reset_subject.txt',
email_template_name='commons/password-reset/password_reset_email.html',
# success_url='/login/'
),
name='password_reset'),
path('password-reset/done/',
auth_views.PasswordResetDoneView.as_view(
template_name='commons/password-reset/password_reset_done.html'
),
name='password_reset_done'),
path('password-reset-confirm/<uidb64>/<token>/',
auth_views.PasswordResetConfirmView.as_view(
template_name='commons/password-reset/password_reset_confirm.html'
),
name='password_reset_confirm'),
path('password-reset-complete/',
auth_views.PasswordResetCompleteView.as_view(
template_name='commons/password-reset/password_reset_complete.html'
),
name='password_reset_complete'),
]
List of Required Templates –
If you want to avoid extra parameters like template_name then create a folder named registration inside your templates folder. In our function, we have stored our files in commons folder.
- commons/password_reset_form.html
- commons/password_reset_done.html
- commons/password_reset_confirm.html
- commons/password_reset_complete.html
- commons/password_reset_subject.txt
- commons/password_reset_email.html
password_reset_form.html
<h2>Reset Password</h2>
<form method="post">
{% csrf_token %}
{{ form.as_p }}
<button type="submit">submit</button>
</form>
password_reset_done.html
<h2>Reset Password</h2> <p>We have sended you reset password link on your email. Please Check Your Email.</p>
password_reset_confirm.html
<h2>Reset Password</h2>
<h3>Enter your new password</h3>
<form class="form" action="" method="POST" enctype="multipart/form-data">
{% csrf_token %}
{{ form.as_p }}
<button type="submit" class="btn btn-primary btn-lg btn-block"><i class="icon-lock4"></i> Change Password</button>
</form>
password_reset_complete.html
<h2>Reset Password</h2>
<h3>Hurray! Your password has been changed.</h3>
<a href="{% url 'login' %}">Click here to Login</a>
GitHub – Run Example Locally
Code is also available on GitHub – https://github.com/studygyaan/How-to-use-Built-In-Login-and-Logout-Authentication-System-in-Django
Clone the Repository
git clone https://github.com/studygyaan/How-to-use-Built-In-Login-and-Logout-Authentication-System-in-Django.git
Change Directory
cd How-to-use-Built-In-Login-and-Logout-Authentication-System-in-Django
Create Virtual Environment – VirtualENV
virtualenv env
Activate Virtual Environment
source env/bin/activate
Run requirements file to install libraries using Pip3
pip3 install -r requirements.txt
Run the server
python3 manage.py runserver
And open http://localhost:8000/ in your browser.
