diff options
| author | Carl Meyer <carl@oddbird.net> | 2014-09-03 11:49:56 -0600 |
|---|---|---|
| committer | Carl Meyer <carl@oddbird.net> | 2014-09-03 12:25:11 -0600 |
| commit | 89559bcfb096ccc625e0e9ab41e2136fcb32a514 (patch) | |
| tree | 038be87511e87bb5a71d7415d4206b22dd68fd83 | |
| parent | 4db75925be90affaf49ffe5361b47a56762f93d0 (diff) | |
Fixed #23409 -- Extract PasswordResetForm.get_users method.
Allows easier customization of policies regarding which users are allowed to
reset their password.
Thanks Aymeric for review.
| -rw-r--r-- | django/contrib/auth/forms.py | 21 |
1 files changed, 13 insertions, 8 deletions
diff --git a/django/contrib/auth/forms.py b/django/contrib/auth/forms.py index 992abbaa0f..c54a0862ed 100644 --- a/django/contrib/auth/forms.py +++ b/django/contrib/auth/forms.py @@ -220,6 +220,18 @@ class PasswordResetForm(forms.Form): email_message.send() + def get_users(self, email): + """Given an email, return matching user(s) who should receive a reset. + + This allows subclasses to more easily customize the default policies + that prevent inactive users and users with unusable passwords from + resetting their password. + + """ + active_users = get_user_model()._default_manager.filter( + email__iexact=email, is_active=True) + return (u for u in active_users if u.has_usable_password()) + def save(self, domain_override=None, subject_template_name='registration/password_reset_subject.txt', email_template_name='registration/password_reset_email.html', @@ -229,15 +241,8 @@ class PasswordResetForm(forms.Form): Generates a one-use only link for resetting password and sends to the user. """ - UserModel = get_user_model() email = self.cleaned_data["email"] - active_users = UserModel._default_manager.filter( - email__iexact=email, is_active=True) - for user in active_users: - # Make sure that no email is sent to a user that actually has - # a password marked as unusable - if not user.has_usable_password(): - continue + for user in self.get_users(email): if not domain_override: current_site = get_current_site(request) site_name = current_site.name |
