diff --git a/django/contrib/auth/forms.py b/django/contrib/auth/forms.py index d20c472495..cc0f7071c3 100644 --- a/django/contrib/auth/forms.py +++ b/django/contrib/auth/forms.py @@ -117,7 +117,7 @@ class PasswordResetForm(forms.Form): return email def save(self, domain_override=None, email_template_name='registration/password_reset_email.html', - use_https=False, token_generator=default_token_generator): + use_https=False, token_generator=default_token_generator, from_email=None): """ Generates a one-use only link for resetting password and sends to the user """ @@ -140,7 +140,7 @@ class PasswordResetForm(forms.Form): 'protocol': use_https and 'https' or 'http', } send_mail(_("Password reset on %s") % site_name, - t.render(Context(c)), None, [user.email]) + t.render(Context(c)), from_email, [user.email]) class SetPasswordForm(forms.Form): """ diff --git a/django/contrib/auth/tests/urls.py b/django/contrib/auth/tests/urls.py index c6252ed2de..bc2f7e705f 100644 --- a/django/contrib/auth/tests/urls.py +++ b/django/contrib/auth/tests/urls.py @@ -16,6 +16,7 @@ urlpatterns += patterns('', (r'^logout/custom_query/$', 'django.contrib.auth.views.logout', dict(redirect_field_name='follow')), (r'^logout/next_page/$', 'django.contrib.auth.views.logout', dict(next_page='/somewhere/')), (r'^remote_user/$', remote_user_auth_view), + (r'^password_reset_from_email/$', 'django.contrib.auth.views.password_reset', dict(from_email='staffmember@example.com')), (r'^login_required/$', login_required(password_reset)), (r'^login_required_login_url/$', login_required(password_reset, login_url='/somewhere/')), ) diff --git a/django/contrib/auth/tests/views.py b/django/contrib/auth/tests/views.py index 6b8efad894..e20afbc5b0 100644 --- a/django/contrib/auth/tests/views.py +++ b/django/contrib/auth/tests/views.py @@ -62,6 +62,14 @@ class PasswordResetTest(AuthViewsTestCase): self.assertEquals(response.status_code, 302) self.assertEquals(len(mail.outbox), 1) self.assert_("http://" in mail.outbox[0].body) + self.assertEquals(settings.DEFAULT_FROM_EMAIL, mail.outbox[0].from_email) + + def test_email_found_custom_from(self): + "Email is sent if a valid email address is provided for password reset when a custom from_email is provided." + response = self.client.post('/password_reset_from_email/', {'email': 'staffmember@example.com'}) + self.assertEquals(response.status_code, 302) + self.assertEquals(len(mail.outbox), 1) + self.assertEquals("staffmember@example.com", mail.outbox[0].from_email) def _test_confirm_start(self): # Start by creating the email diff --git a/django/contrib/auth/views.py b/django/contrib/auth/views.py index b2e875a869..eaa0dbeba2 100644 --- a/django/contrib/auth/views.py +++ b/django/contrib/auth/views.py @@ -105,7 +105,7 @@ def redirect_to_login(next, login_url=None, redirect_field_name=REDIRECT_FIELD_N def password_reset(request, is_admin_site=False, template_name='registration/password_reset_form.html', email_template_name='registration/password_reset_email.html', password_reset_form=PasswordResetForm, token_generator=default_token_generator, - post_reset_redirect=None): + post_reset_redirect=None, from_email=None): if post_reset_redirect is None: post_reset_redirect = reverse('django.contrib.auth.views.password_reset_done') if request.method == "POST": @@ -114,6 +114,7 @@ def password_reset(request, is_admin_site=False, template_name='registration/pas opts = {} opts['use_https'] = request.is_secure() opts['token_generator'] = token_generator + opts['from_email'] = from_email if is_admin_site: opts['domain_override'] = request.META['HTTP_HOST'] else: diff --git a/docs/topics/auth.txt b/docs/topics/auth.txt index 00b95ba085..8c9b0f1cff 100644 --- a/docs/topics/auth.txt +++ b/docs/topics/auth.txt @@ -906,7 +906,7 @@ includes a few other useful built-in views located in default to :file:`registration/password_change_done.html` if not supplied. -.. function:: views.password_reset(request[, is_admin_site, template_name, email_template_name, password_reset_form, token_generator, post_reset_redirect]) +.. function:: views.password_reset(request[, is_admin_site, template_name, email_template_name, password_reset_form, token_generator, post_reset_redirect, from_email]) Allows a user to reset their password by generating a one-time use link that can be used to reset the password, and sending that link to the @@ -932,6 +932,11 @@ includes a few other useful built-in views located in * ``post_reset_redirect``: The URL to redirect to after a successful password change. + .. versionchanged:: 1.3 + + * ``from_email``: A valid e-mail address. By default Django uses + the :setting:`DEFAULT_FROM_EMAIL`. + **Template context:** * ``form``: The form for resetting the user's password.