Refs #31978 -- Fixed hint in admin's password reset confirmation form for custom username fields.

Thanks Jaap Roes for the report.
2020-11-28 10:20:29 +01:00 · 2020-11-28 10:20:29 +01:00 · 3828427f63
parent 58740c0d7f
commit 3828427f63
2 changed files with 29 additions and 1 deletions
--- a/django/contrib/admin/templates/registration/password_reset_confirm.html
+++ b/django/contrib/admin/templates/registration/password_reset_confirm.html
@ -17,7 +17,7 @@

 <form method="post">{% csrf_token %}
 <fieldset class="module aligned">
-    <input class="hidden" autocomplete="username" value="{{ form.user.username }}">
+    <input class="hidden" autocomplete="username" value="{{ form.user.get_username }}">
    <div class="form-row field-password1">
        {{ form.new_password1.errors }}
        <label for="id_new_password1">{% translate 'New password:' %}</label>
--- a/tests/auth_tests/test_templates.py
+++ b/tests/auth_tests/test_templates.py
@ -1,3 +1,5 @@
+from datetime import date
+
 from django.contrib.auth import authenticate
 from django.contrib.auth.models import User
 from django.contrib.auth.tokens import PasswordResetTokenGenerator
@ -10,6 +12,7 @@ from django.urls import reverse
 from django.utils.http import urlsafe_base64_encode

 from .client import PasswordResetConfirmClient
+from .models import CustomUser


@override_settings(ROOT_URLCONF='auth_tests.urls')
@ -59,6 +62,31 @@ class AuthTemplateTests(TestCase):
            '<input class="hidden" autocomplete="username" value="jsmith">',
        )

+    @override_settings(AUTH_USER_MODEL='auth_tests.CustomUser')
+    def test_password_reset_confirm_view_custom_username_hint(self):
+        custom_user = CustomUser.custom_objects.create_user(
+            email='joe@example.com',
+            date_of_birth=date(1986, 11, 11),
+            first_name='Joe',
+        )
+        client = PasswordResetConfirmClient()
+        default_token_generator = PasswordResetTokenGenerator()
+        token = default_token_generator.make_token(custom_user)
+        uidb64 = urlsafe_base64_encode(str(custom_user.pk).encode())
+        url = reverse('password_reset_confirm', kwargs={'uidb64': uidb64, 'token': token})
+        response = client.get(url)
+        self.assertContains(
+            response,
+            '<title>Enter new password | Django site admin</title>',
+        )
+        self.assertContains(response, '<h1>Enter new password</h1>')
+        # The username field is added to the password reset confirmation form
+        # to help browser's password managers.
+        self.assertContains(
+            response,
+            '<input class="hidden" autocomplete="username" value="joe@example.com">',
+        )
+
    def test_password_reset_complete_view(self):
        response = PasswordResetCompleteView.as_view()(self.request)
        self.assertContains(response, '<title>Password reset complete | Django site admin</title>')