password_reset(request, template_name='registration/password_reset_form.html', email_template_name='registration/password_reset_email.html', subject_template_name='registration/password_reset_subject.txt', password_reset_form=PasswordResetForm, token_generator=default_token_generator, post_reset_redirect=None, from_email=None, current_app=None, extra_context=None, html_email_template_name=None, extra_email_context=None)
Allows a user to reset their password by generating a one-time use link that can be used to reset the password, and sending that link to the user’s registered email address.
If the email address provided does not exist in the system, this view won’t send an email, but the user won’t receive any error message either. This prevents information leaking to potential attackers. If you want to provide an error message in this case, you can subclass PasswordResetForm
and use the password_reset_form
argument.
Users flagged with an unusable password (see set_unusable_password()
aren’t allowed to request a password reset to prevent misuse when using an external authentication source like LDAP. Note that they won’t receive any error message since this would expose their account’s existence but no mail will be sent either.
URL name: password_reset
Optional arguments:
-
template_name
: The full name of a template to use for displaying the password reset form. Defaults toregistration/password_reset_form.html
if not supplied. -
email_template_name
: The full name of a template to use for generating the email with the reset password link. Defaults toregistration/password_reset_email.html
if not supplied. -
subject_template_name
: The full name of a template to use for the subject of the email with the reset password link. Defaults toregistration/password_reset_subject.txt
if not supplied. -
password_reset_form
: Form that will be used to get the email of the user to reset the password for. Defaults toPasswordResetForm
. -
token_generator
: Instance of the class to check the one time link. This will default todefault_token_generator
, it’s an instance ofdjango.contrib.auth.tokens.PasswordResetTokenGenerator
. -
post_reset_redirect
: The URL to redirect to after a successful password reset request. -
from_email
: A valid email address. By default Django uses theDEFAULT_FROM_EMAIL
. -
current_app
: A hint indicating which application contains the current view. See the namespaced URL resolution strategy for more information. -
extra_context
: A dictionary of context data that will be added to the default context data passed to the template. -
html_email_template_name
: The full name of a template to use for generating atext/html
multipart email with the password reset link. By default, HTML email is not sent. -
extra_email_context
: A dictionary of context data that will be available in the email template.
Deprecated since version 1.9: The current_app
parameter is deprecated and will be removed in Django 2.0. Callers should set request.current_app
instead.
The extra_email_context
parameter was added.
Template context:
-
form
: The form (seepassword_reset_form
above) for resetting the user’s password.
Email template context:
-
email
: An alias foruser.email
-
user
: The currentUser
, according to theemail
form field. Only active users are able to reset their passwords (User.is_active is True
). -
site_name
: An alias forsite.name
. If you don’t have the site framework installed, this will be set to the value ofrequest.META['SERVER_NAME']
. For more on sites, see The “sites” framework. -
domain
: An alias forsite.domain
. If you don’t have the site framework installed, this will be set to the value ofrequest.get_host()
. -
protocol
: http or https -
uid
: The user’s primary key encoded in base 64. -
token
: Token to check that the reset link is valid.
Sample registration/password_reset_email.html
(email body template):
Someone asked for password reset for email {{ email }}. Follow the link below: {{ protocol}}://{{ domain }}{% url 'password_reset_confirm' uidb64=uid token=token %}
The same template context is used for subject template. Subject must be single line plain text string.
Please login to continue.