p15693087
/
django
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Used .. attribute:: directive in authentication views docs.

This commit is contained in:
Mariusz Felisiak 2021-02-08 18:12:58 +01:00 committed by GitHub
parent 6ee86a12ee
commit 59841170ba
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 185 additions and 111 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/ref/class-based-views/mixins-editing.txt
View File

@ -51,7 +51,7 @@ The following mixins are used to construct Django's editing views:
.. method:: get_form_class() .. method:: get_form_class()
Retrieve the form class to instantiate. By default Retrieve the form class to instantiate. By default
:attr:`.form_class`. :attr:`~django.views.generic.edit.FormMixin.form_class`.
.. method:: get_form(form_class=None) .. method:: get_form(form_class=None)

294
docs/topics/auth/default.txt
View File

@ -998,39 +998,50 @@ implementation details see :ref:`using-the-views`.
**Attributes:** **Attributes:**
* ``template_name``: The name of a template to display for the view used to .. attribute:: template_name
log the user in. Defaults to :file:`registration/login.html`.
* ``redirect_field_name``: The name of a ``GET`` field containing the The name of a template to display for the view used to log the user in.
URL to redirect to after login. Defaults to ``next``. Defaults to :file:`registration/login.html`.
* ``authentication_form``: A callable (typically a form class) to use for .. attribute:: redirect_field_name
authentication. Defaults to
:class:`~django.contrib.auth.forms.AuthenticationForm`.
* ``extra_context``: A dictionary of context data that will be added to the The name of a ``GET`` field containing the URL to redirect to after
default context data passed to the template. login. Defaults to ``next``.
* ``redirect_authenticated_user``: A boolean that controls whether or not .. attribute:: authentication_form
authenticated users accessing the login page will be redirected as if
they had just successfully logged in. Defaults to ``False``.
.. warning:: A callable (typically a form class) to use for authentication. Defaults
to :class:`~django.contrib.auth.forms.AuthenticationForm`.
If you enable ``redirect_authenticated_user``, other websites will be .. attribute:: extra_context
able to determine if their visitors are authenticated on your site by
requesting redirect URLs to image files on your website. To avoid
this "`social media fingerprinting
<https://robinlinus.github.io/socialmedia-leak/>`_" information
leakage, host all images and your favicon on a separate domain.
Enabling ``redirect_authenticated_user`` can also result in a redirect A dictionary of context data that will be added to the default context
loop when using the :func:`.permission_required` decorator data passed to the template.
unless the ``raise_exception`` parameter is used.
* ``success_url_allowed_hosts``: A :class:`set` of hosts, in addition to .. attribute:: redirect_authenticated_user
:meth:`request.get_host() <django.http.HttpRequest.get_host>`, that are
safe for redirecting after login. Defaults to an empty :class:`set`. A boolean that controls whether or not authenticated users accessing
the login page will be redirected as if they had just successfully
logged in. Defaults to ``False``.
.. warning::
If you enable ``redirect_authenticated_user``, other websites will
be able to determine if their visitors are authenticated on your
site by requesting redirect URLs to image files on your website. To
avoid this "`social media fingerprinting
<https://robinlinus.github.io/socialmedia-leak/>`_" information
leakage, host all images and your favicon on a separate domain.
Enabling ``redirect_authenticated_user`` can also result in a
redirect loop when using the :func:`.permission_required` decorator
unless the ``raise_exception`` parameter is used.
.. attribute:: success_url_allowed_hosts
A :class:`set` of hosts, in addition to :meth:`request.get_host()
<django.http.HttpRequest.get_host>`, that are safe for redirecting
after login. Defaults to an empty :class:`set`.
Here's what ``LoginView`` does: Here's what ``LoginView`` does:
@ -1137,22 +1148,33 @@ implementation details see :ref:`using-the-views`.
**Attributes:** **Attributes:**
* ``next_page``: The URL to redirect to after logout. Defaults to .. attribute:: next_page
:setting:`settings.LOGOUT_REDIRECT_URL <LOGOUT_REDIRECT_URL>`.
* ``template_name``: The full name of a template to display after The URL to redirect to after logout. Defaults to
logging the user out. Defaults to :file:`registration/logged_out.html`. :setting:`LOGOUT_REDIRECT_URL`.
* ``redirect_field_name``: The name of a ``GET`` field containing the .. attribute:: template_name
URL to redirect to after log out. Defaults to ``next``. Overrides the
``next_page`` URL if the given ``GET`` parameter is passed.
* ``extra_context``: A dictionary of context data that will be added to the The full name of a template to display after logging the user out.
default context data passed to the template. Defaults to :file:`registration/logged_out.html`.
* ``success_url_allowed_hosts``: A :class:`set` of hosts, in addition to .. attribute:: redirect_field_name
:meth:`request.get_host() <django.http.HttpRequest.get_host>`, that are
safe for redirecting after logout. Defaults to an empty :class:`set`. The name of a ``GET`` field containing the URL to redirect to after log
out. Defaults to ``'next'``. Overrides the
:attr:`next_page` URL if the given ``GET`` parameter is
passed.
.. attribute:: extra_context
A dictionary of context data that will be added to the default context
data passed to the template.
.. attribute:: success_url_allowed_hosts
A :class:`set` of hosts, in addition to :meth:`request.get_host()
<django.http.HttpRequest.get_host>`, that are safe for redirecting
after logout. Defaults to an empty :class:`set`.
**Template context:** **Template context:**
@ -1189,20 +1211,28 @@ implementation details see :ref:`using-the-views`.
**Attributes:** **Attributes:**
* ``template_name``: The full name of a template to use for .. attribute: template_name
displaying the password change form. Defaults to
:file:`registration/password_change_form.html` if not supplied.
* ``success_url``: The URL to redirect to after a successful password The full name of a template to use for displaying the password change
change. Defaults to ``'password_change_done'``. form. Defaults to :file:`registration/password_change_form.html` if not
supplied.
* ``form_class``: A custom "change password" form which must accept a .. attribute:: success_url
``user`` keyword argument. The form is responsible for actually changing
the user's password. Defaults to
:class:`~django.contrib.auth.forms.PasswordChangeForm`.
* ``extra_context``: A dictionary of context data that will be added to the The URL to redirect to after a successful password change. Defaults to
default context data passed to the template. ``'password_change_done'``.
.. attribute:: form_class
A custom "change password" form which must accept a ``user`` keyword
argument. The form is responsible for actually changing the user's
password. Defaults to
:class:`~django.contrib.auth.forms.PasswordChangeForm`.
.. attribute:: extra_context
A dictionary of context data that will be added to the default context
data passed to the template.
**Template context:** **Template context:**
@ -1216,12 +1246,15 @@ implementation details see :ref:`using-the-views`.
**Attributes:** **Attributes:**
* ``template_name``: The full name of a template to use. .. attribute:: template_name
Defaults to :file:`registration/password_change_done.html` if not
supplied.
* ``extra_context``: A dictionary of context data that will be added to the The full name of a template to use. Defaults to
default context data passed to the template. :file:`registration/password_change_done.html` if not supplied.
.. attribute:: extra_context
A dictionary of context data that will be added to the default context
data passed to the template.
.. class:: PasswordResetView .. class:: PasswordResetView
@ -1257,42 +1290,62 @@ implementation details see :ref:`using-the-views`.
**Attributes:** **Attributes:**
* ``template_name``: The full name of a template to use for .. attribute:: template_name
displaying the password reset form. Defaults to
:file:`registration/password_reset_form.html` if not supplied.
* ``form_class``: Form that will be used to get the email of The full name of a template to use for displaying the password reset
the user to reset the password for. Defaults to form. Defaults to :file:`registration/password_reset_form.html` if not
:class:`~django.contrib.auth.forms.PasswordResetForm`. supplied.
* ``email_template_name``: The full name of a template to use for .. attribute:: form_class
generating the email with the reset password link. Defaults to
:file:`registration/password_reset_email.html` if not supplied.
* ``subject_template_name``: The full name of a template to use for Form that will be used to get the email of the user to reset the
the subject of the email with the reset password link. Defaults password for. Defaults to
to :file:`registration/password_reset_subject.txt` if not supplied. :class:`~django.contrib.auth.forms.PasswordResetForm`.
* ``token_generator``: Instance of the class to check the one time link. .. attribute:: email_template_name
This will default to ``default_token_generator``, it's an instance of
``django.contrib.auth.tokens.PasswordResetTokenGenerator``.
* ``success_url``: The URL to redirect to after a successful password reset The full name of a template to use for generating the email with the
request. Defaults to ``'password_reset_done'``. reset password link. Defaults to
:file:`registration/password_reset_email.html` if not supplied.
* ``from_email``: A valid email address. By default Django uses .. attribute:: subject_template_name
the :setting:`DEFAULT_FROM_EMAIL`.
* ``extra_context``: A dictionary of context data that will be added to the The full name of a template to use for the subject of the email with
default context data passed to the template. the reset password link. Defaults to
:file:`registration/password_reset_subject.txt` if not supplied.
* ``html_email_template_name``: The full name of a template to use .. attribute:: token_generator
for generating a :mimetype:`text/html` multipart email with the password
reset link. By default, HTML email is not sent.
* ``extra_email_context``: A dictionary of context data that will be Instance of the class to check the one time link. This will default to
available in the email template. It can be used to override default ``default_token_generator``, it's an instance of
template context values listed below e.g. ``domain``. ``django.contrib.auth.tokens.PasswordResetTokenGenerator``.
.. attribute:: success_url
The URL to redirect to after a successful password reset request.
Defaults to ``'password_reset_done'``.
.. attribute:: from_email
A valid email address. By default Django uses the
:setting:`DEFAULT_FROM_EMAIL`.
.. attribute:: extra_context
A dictionary of context data that will be added to the default context
data passed to the template.
.. attribute:: html_email_template_name
The full name of a template to use for generating a
:mimetype:`text/html` multipart email with the password reset link. By
default, HTML email is not sent.
.. attribute:: extra_email_context
A dictionary of context data that will be available in the email
template. It can be used to override default template context values
listed below e.g. ``domain``.
**Template context:** **Template context:**
@ -1348,12 +1401,15 @@ implementation details see :ref:`using-the-views`.
**Attributes:** **Attributes:**
* ``template_name``: The full name of a template to use. .. attribute:: template_name
Defaults to :file:`registration/password_reset_done.html` if not
supplied.
* ``extra_context``: A dictionary of context data that will be added to the The full name of a template to use. Defaults to
default context data passed to the template. :file:`registration/password_reset_done.html` if not supplied.
.. attribute:: extra_context
A dictionary of context data that will be added to the default context
data passed to the template.
.. class:: PasswordResetConfirmView .. class:: PasswordResetConfirmView
@ -1369,34 +1425,48 @@ implementation details see :ref:`using-the-views`.
**Attributes:** **Attributes:**
* ``template_name``: The full name of a template to display the confirm .. attribute:: template_name
password view. Default value is
:file:`registration/password_reset_confirm.html`.
* ``token_generator``: Instance of the class to check the password. This The full name of a template to display the confirm password view.
will default to ``default_token_generator``, it's an instance of Default value is :file:`registration/password_reset_confirm.html`.
``django.contrib.auth.tokens.PasswordResetTokenGenerator``.
* ``post_reset_login``: A boolean indicating if the user should be .. attribute:: token_generator
automatically authenticated after a successful password reset. Defaults
to ``False``.
* ``post_reset_login_backend``: A dotted path to the authentication Instance of the class to check the password. This will default to
backend to use when authenticating a user if ``post_reset_login`` is ``default_token_generator``, it's an instance of
``True``. Required only if you have multiple ``django.contrib.auth.tokens.PasswordResetTokenGenerator``.
:setting:`AUTHENTICATION_BACKENDS` configured. Defaults to ``None``.
* ``form_class``: Form that will be used to set the password. Defaults to .. attribute:: post_reset_login
:class:`~django.contrib.auth.forms.SetPasswordForm`.
* ``success_url``: URL to redirect after the password reset done. Defaults A boolean indicating if the user should be automatically authenticated
to ``'password_reset_complete'``. after a successful password reset. Defaults to ``False``.
* ``extra_context``: A dictionary of context data that will be added to the .. attribute:: post_reset_login_backend
default context data passed to the template.
* ``reset_url_token``: Token parameter displayed as a component of password A dotted path to the authentication backend to use when authenticating
reset URLs. Defaults to ``'set-password'``. a user if ``post_reset_login`` is ``True``. Required only if you have
multiple :setting:`AUTHENTICATION_BACKENDS` configured. Defaults to
``None``.
.. attribute:: form_class
Form that will be used to set the password. Defaults to
:class:`~django.contrib.auth.forms.SetPasswordForm`.
.. attribute:: success_url
URL to redirect after the password reset done. Defaults to
``'password_reset_complete'``.
.. attribute:: extra_context
A dictionary of context data that will be added to the default context
data passed to the template.
.. attribute:: reset_url_token
Token parameter displayed as a component of password reset URLs.
Defaults to ``'set-password'``.
**Template context:** **Template context:**
@ -1415,11 +1485,15 @@ implementation details see :ref:`using-the-views`.
**Attributes:** **Attributes:**
* ``template_name``: The full name of a template to display the view. .. attribute:: template_name
Defaults to :file:`registration/password_reset_complete.html`.
* ``extra_context``: A dictionary of context data that will be added to the The full name of a template to display the view. Defaults to
default context data passed to the template. :file:`registration/password_reset_complete.html`.
.. attribute:: extra_context
A dictionary of context data that will be added to the default context
data passed to the template.
Helper functions Helper functions
---------------- ----------------