diff options
| author | Tim Graham <timograham@gmail.com> | 2013-06-21 16:59:33 -0400 |
|---|---|---|
| committer | Tim Graham <timograham@gmail.com> | 2013-06-26 13:11:47 -0400 |
| commit | 1184d077893ff1bc947e45b00a4d565f3df81776 (patch) | |
| tree | 1011df8828a780f762197352d2145e1735315dd7 /docs/internals | |
| parent | b6a87f5c93efa5192433be1e45fc4e79d54efdc7 (diff) | |
Fixed #14881 -- Modified password reset to work with a non-integer UserModel.pk.
uid is now base64 encoded in password reset URLs/views. A backwards compatible
password_reset_confirm view/URL will allow password reset links generated before
this change to continue to work. This view will be removed in Django 1.7.
Thanks jonash for the initial patch and claudep for the review.
Diffstat (limited to 'docs/internals')
| -rw-r--r-- | docs/internals/deprecation.txt | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/docs/internals/deprecation.txt b/docs/internals/deprecation.txt index 45f82b49e6..9672746717 100644 --- a/docs/internals/deprecation.txt +++ b/docs/internals/deprecation.txt @@ -326,6 +326,14 @@ these changes. remove calls to this method, and instead ensure that their auth related views are CSRF protected, which ensures that cookies are enabled. +* The version of :func:`django.contrib.auth.views.password_reset_confirm` that + supports base36 encoded user IDs + (``django.contrib.auth.views.password_reset_confirm_uidb36``) will be + removed. If your site has been running Django 1.6 for more than + :setting:`PASSWORD_RESET_TIMEOUT_DAYS`, this change will have no effect. If + not, then any password reset links generated before you upgrade to Django 1.7 + won't work after the upgrade. + 1.8 --- |
