mirror of https://github.com/django/django.git
Fixed #8274 - allow custom forms for auth 'login' and 'password_change' views
Thanks to julien for the suggestion and patch, and SmileyChris for work on the patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11618 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
parent
9f8287a3f1
commit
c46ddbf1fc
|
@ -14,11 +14,13 @@ from django.utils.translation import ugettext as _
|
||||||
from django.contrib.auth.models import User
|
from django.contrib.auth.models import User
|
||||||
from django.views.decorators.cache import never_cache
|
from django.views.decorators.cache import never_cache
|
||||||
|
|
||||||
def login(request, template_name='registration/login.html', redirect_field_name=REDIRECT_FIELD_NAME):
|
def login(request, template_name='registration/login.html',
|
||||||
|
redirect_field_name=REDIRECT_FIELD_NAME,
|
||||||
|
authentication_form=AuthenticationForm):
|
||||||
"Displays the login form and handles the login action."
|
"Displays the login form and handles the login action."
|
||||||
redirect_to = request.REQUEST.get(redirect_field_name, '')
|
redirect_to = request.REQUEST.get(redirect_field_name, '')
|
||||||
if request.method == "POST":
|
if request.method == "POST":
|
||||||
form = AuthenticationForm(data=request.POST)
|
form = authentication_form(data=request.POST)
|
||||||
if form.is_valid():
|
if form.is_valid():
|
||||||
# Light security check -- make sure redirect_to isn't garbage.
|
# Light security check -- make sure redirect_to isn't garbage.
|
||||||
if not redirect_to or '//' in redirect_to or ' ' in redirect_to:
|
if not redirect_to or '//' in redirect_to or ' ' in redirect_to:
|
||||||
|
@ -29,7 +31,7 @@ def login(request, template_name='registration/login.html', redirect_field_name=
|
||||||
request.session.delete_test_cookie()
|
request.session.delete_test_cookie()
|
||||||
return HttpResponseRedirect(redirect_to)
|
return HttpResponseRedirect(redirect_to)
|
||||||
else:
|
else:
|
||||||
form = AuthenticationForm(request)
|
form = authentication_form(request)
|
||||||
request.session.set_test_cookie()
|
request.session.set_test_cookie()
|
||||||
if Site._meta.installed:
|
if Site._meta.installed:
|
||||||
current_site = Site.objects.get_current()
|
current_site = Site.objects.get_current()
|
||||||
|
@ -145,16 +147,16 @@ def password_reset_complete(request, template_name='registration/password_reset_
|
||||||
{'login_url': settings.LOGIN_URL}))
|
{'login_url': settings.LOGIN_URL}))
|
||||||
|
|
||||||
def password_change(request, template_name='registration/password_change_form.html',
|
def password_change(request, template_name='registration/password_change_form.html',
|
||||||
post_change_redirect=None):
|
post_change_redirect=None, password_change_form=PasswordChangeForm):
|
||||||
if post_change_redirect is None:
|
if post_change_redirect is None:
|
||||||
post_change_redirect = reverse('django.contrib.auth.views.password_change_done')
|
post_change_redirect = reverse('django.contrib.auth.views.password_change_done')
|
||||||
if request.method == "POST":
|
if request.method == "POST":
|
||||||
form = PasswordChangeForm(request.user, request.POST)
|
form = password_change_form(user=request.user, data=request.POST)
|
||||||
if form.is_valid():
|
if form.is_valid():
|
||||||
form.save()
|
form.save()
|
||||||
return HttpResponseRedirect(post_change_redirect)
|
return HttpResponseRedirect(post_change_redirect)
|
||||||
else:
|
else:
|
||||||
form = PasswordChangeForm(request.user)
|
form = password_change_form(user=request.user)
|
||||||
return render_to_response(template_name, {
|
return render_to_response(template_name, {
|
||||||
'form': form,
|
'form': form,
|
||||||
}, context_instance=RequestContext(request))
|
}, context_instance=RequestContext(request))
|
||||||
|
|
|
@ -262,8 +262,8 @@ Manager functions
|
||||||
Creates, saves and returns a :class:`~django.contrib.auth.models.User`.
|
Creates, saves and returns a :class:`~django.contrib.auth.models.User`.
|
||||||
The :attr:`~django.contrib.auth.models.User.username`,
|
The :attr:`~django.contrib.auth.models.User.username`,
|
||||||
:attr:`~django.contrib.auth.models.User.email` and
|
:attr:`~django.contrib.auth.models.User.email` and
|
||||||
:attr:`~django.contrib.auth.models.User.password` are set as given, and
|
:attr:`~django.contrib.auth.models.User.password` are set as given, and the
|
||||||
the :class:`~django.contrib.auth.models.User` gets ``is_active=True``.
|
:class:`~django.contrib.auth.models.User` gets ``is_active=True``.
|
||||||
|
|
||||||
If no password is provided,
|
If no password is provided,
|
||||||
:meth:`~django.contrib.auth.models.User.set_unusable_password()` will
|
:meth:`~django.contrib.auth.models.User.set_unusable_password()` will
|
||||||
|
@ -705,7 +705,7 @@ the following line to your URLconf::
|
||||||
|
|
||||||
(r'^accounts/login/$', 'django.contrib.auth.views.login'),
|
(r'^accounts/login/$', 'django.contrib.auth.views.login'),
|
||||||
|
|
||||||
.. function:: views.login(request, [template_name, redirect_field_name])
|
.. function:: views.login(request, [template_name, redirect_field_name, authentication_form])
|
||||||
|
|
||||||
Here's what ``django.contrib.auth.views.login`` does:
|
Here's what ``django.contrib.auth.views.login`` does:
|
||||||
|
|
||||||
|
@ -785,6 +785,15 @@ the following line to your URLconf::
|
||||||
|
|
||||||
{% endblock %}
|
{% endblock %}
|
||||||
|
|
||||||
|
.. versionadded:: 1.2
|
||||||
|
|
||||||
|
If you are using alternate authentication (see
|
||||||
|
:ref:`authentication-backends`) you can pass a custom authentication form
|
||||||
|
to the login view via the ``authentication_form`` parameter. This form must
|
||||||
|
accept a ``request`` keyword argument in its ``__init__`` method, and
|
||||||
|
provide a ``get_user`` argument which returns the authenticated user object
|
||||||
|
(this method is only ever called after successful form validation).
|
||||||
|
|
||||||
.. _forms documentation: ../forms/
|
.. _forms documentation: ../forms/
|
||||||
.. _site framework docs: ../sites/
|
.. _site framework docs: ../sites/
|
||||||
|
|
||||||
|
@ -824,7 +833,7 @@ includes a few other useful built-in views located in
|
||||||
* ``login_url``: The URL of the login page to redirect to. This will
|
* ``login_url``: The URL of the login page to redirect to. This will
|
||||||
default to :setting:`settings.LOGIN_URL <LOGIN_URL>` if not supplied.
|
default to :setting:`settings.LOGIN_URL <LOGIN_URL>` if not supplied.
|
||||||
|
|
||||||
.. function:: views.password_change(request[, template_name, post_change_redirect])
|
.. function:: views.password_change(request[, template_name, post_change_redirect, password_change_form])
|
||||||
|
|
||||||
Allows a user to change their password.
|
Allows a user to change their password.
|
||||||
|
|
||||||
|
@ -837,6 +846,13 @@ includes a few other useful built-in views located in
|
||||||
* ``post_change_redirect``: The URL to redirect to after a successful
|
* ``post_change_redirect``: The URL to redirect to after a successful
|
||||||
password change.
|
password change.
|
||||||
|
|
||||||
|
* .. versionadded:: 1.2
|
||||||
|
|
||||||
|
``password_change_form``: A custom "change password" form which must
|
||||||
|
accept a ``user`` keyword argument. The form is responsible for
|
||||||
|
actually changing the user's password.
|
||||||
|
|
||||||
|
|
||||||
**Template context:**
|
**Template context:**
|
||||||
|
|
||||||
* ``form``: The password change form.
|
* ``form``: The password change form.
|
||||||
|
|
Loading…
Reference in New Issue