Moonsite Blogs

How to add forgot/reset password in Django

2020-05-07

TechDjango

Globe

In this article, you gonna see you how to make password rest for the registered user in our Django based application, I hope you already gone through the previous post regarding signup and log in with Django 2.0.7. Here I’m updating the same code with password reset. we are using builtin auth functionality for Django django.contrib.auth. The process of resetting passwords involves sending emails. For that matter, we will be using console email backend
EMAIL_BACKEND='django.core.mail.backends.console.EmailBackend'
to debug and check if everything is working. At the end of this article, we can map this to SMTP Email Service.

Let’s start coding

Make sure we have to configure django.contrib.auth in your INSTALLED_APPS and an email service needs to be configurated. for the development, we can use file/console email backend. once we finish the development In the last we will configure the SMTP mail send service instead of email_backend.

# usermanger/settings.py INSTALLED_APPS = [ ... 'django.contrib.auth', ] EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'

Url configuration

#Usermanager/urls.py from django.urls import path, include urlpatterns = [ path('accounts/', include('django.contrib.auth.urls')), path('accounts/signup', signup , name = 'signup'), ]

once you make these configs you can able to see the following built-in URLs and associated views

accounts/ password_change/ [name='password_change'] accounts/ password_change/done/ [name='password_change_done'] accounts/ password_reset/ [name='password_reset'] accounts/ password_reset/done/ [name='password_reset_done'] accounts/ reset/<uidb64>/<token>/ [name='password_reset_confirm'] accounts/ reset/done/ [name='password_reset_complete']

The explanation for each views for django.contrib.auth()'

[from django official documentation]

  • password_reset: Form where the user submits the email address
  • password_reset_done: Page displayed to the user after submitting the email form. Usually with instructions to open the email account, look in the spam folder etc. And asking for the user to click on the link he will receive.
  • password_reset_confirm: The link that was emailed to the user. This view will validate the token and display a password form if the token is valid or an error message if the token is invalid (e.g. was already used or expired).
  • password_reset_complete: Page displayed to the user after the password was successfully changed.

You don’t need to write separate views for each function, you just need to configure the templates inside the registration folder, please follow below codes for the templates, please keep this in mind, we are extending the base.html.

password_reset

Add reset form : password_reset_form.html

`#templates/registration/password_reset_form.html  
{% extends 'base.html' %}  
{% block title %}Password Reset forum{% endblock %}  
{% block content %}  
<div class="row">  
<aside class="col-sm-4">  
</aside> <!-- col.// -->  
<aside class="col-sm-4">  
<h2>Forget Password</h2>  
<div class="card">  
<article class="card-body">  
<form method="post">  
{% csrf_token %}  
{% for field in form %}  
<p>  
{{ field.label_tag }}<br>  
{{ field }}  
{% for error in field.errors %}  
<p style="color: red">{{ error }}</p>  
{% endfor %}  
</p>  
{% endfor %}  
<button type="submit">Submit</button>  
</form>  
</article>  
</div>  
</aside>  
<aside class="col-sm-4">  
</aside> <!-- col.// -->  
</div>  
{% endblock %}`

Add password reset subject text : password_reset_subject.txt

#templates/registration/password_reset_subject.txt Password Reset

password_reset_email : This template contain the complete mail content, it’s should send to the user with reset password link [ User can click the link and reset the password]

`#templates/registration/password_reset_email.html  
{% autoescape off %}  
To initiate the password reset process for your {{ user.get_username }} TestSite Account,  
click the link below:  
{{ protocol }}://{{ domain }}{% url 'password_reset_confirm' uidb64=uid token=token %}  
If clicking the link above doesn't work, please copy and paste the URL in a new browser  
window instead.  
Sincerely,  
The Epicups Team  
{% endautoescape %}`

password_reset_done : This template contains the confirmation message to the user.

`#templates/registration/password_reset_done.html  
{% extends 'base.html' %}  
{% block content %}  
<p>  
We've emailed you instructions for setting your password, if an account exists with the email you entered.  
You should receive them shortly.  
</p>  
<p>  
If you don't receive an email, please make sure you've entered the address you registered with,  
and check your spam folder.  
</p>  
{% endblock %}`

password_reset_confirm: This Template is providing a form to reset the password for the user(if the token is valid then show to form else show the error message)

`#templates/registration/password_reset_confirm.html  
{% extends 'base.html' %}  
{% block title %}Change password{% endblock %}  
{% block content %}  
<div class="row">  
<aside class="col-sm-4">  
</aside> <!-- col.// -->  
<aside class="col-sm-4">  
<h2>Change Password</h2>  
<div class="card">  
{% if validlink %}  
<article class="card-body">  
<form method="post">  
{% csrf_token %}  
{% for field in form %}  
<p>  
{{ field.label_tag }}<br>  
{{ field }}  
{% for error in field.errors %}  
<p style="color: red">{{ error }}</p>  
{% endfor %}  
</p>  
{% endfor %}  
<button type="submit">Submit</button>  
</form>  
</article>  
{% else %}  
<article class="card-body">  
<p>  
The password reset link was invalid, possibly because it has already been used.  
Please request a new password reset.  
</p>  
</article>  
{% endif %}  
</div>  
</aside>  
<aside class="col-sm-4">  
</aside> <!-- col.// -->  
</div>  
{% endblock %}`

password_reset_complete : This template will give you the confirmation message once the password reset done

`#templates/registration/password_reset_complete.html  
{% extends 'base.html' %}  
{% block title %}Password reset Done{% endblock %}  
{% block content %}  
<div class="row">  
<aside class="col-sm-4">  
</aside> <!-- col.// -->  
<aside class="col-sm-4">  
<h2>Password reset complete</h2>  
<div class="card">  
<article class="card-body">  
<p>  
Your password has been set. You may go ahead and <a href="{% url 'login' %}">sign in</a> now.  
</p>  
</article>  
</div>  
</aside>  
<aside class="col-sm-4">  
</aside> <!-- col.// -->  
</div>  
{% endblock %}`

We all set, what’s next, run the project then do the password reset the view.

Configuring SMTP Email Service

First remove the EMAIL_BACKEND from your settings.py, since it defaults to SMTP Email Backend.

Now add the information from your email provider:

`# usermanager/settings.py

EMAIL_HOST = ''
EMAIL_PORT = 587
EMAIL_HOST_USER = ''
EMAIL_HOST_PASSWORD = ''
EMAIL_USE_TLS = True
DEFAULT_FROM_EMAIL = 'Epicups Team admin@epicups.com'`

This is how you can easily set up reset password through mail in django.

Written by Tanishk Chaturvedi

← back to all posts