def forgot_passwd_check(request, uidb64=None, token=None):
"""
Page that checks the hash in a password reset link, generates a new password which is send via SMS to the user.
"""
assert uidb64 is not None and token is not None
try:
user = User.objects.get(id=urlsafe_base64_decode(uidb64))
profile = user.userprofile
except (ValueError, OverflowError, User.DoesNotExist):
profile = None
if profile and profile.email_token == token:
# Email address is verified, we cant compare to token as register token is different to reset one.
profile.email_token = ''
profile.email_verified = True
# This may look strange - setting the phone_verified before the user logs in. It is not :) We are sending new
# password to phone number in profile, after the user logs in we would set phone_verified to True anyway.
profile.phone_verified = True
profile.save()
return password_reset_confirm(
request,
uidb64=uidb64,
token=token,
template_name='gui/accounts/forgot_check.html',
set_password_form=PasswordResetForm,
post_reset_redirect=reverse('forgot_check_done'),
current_app='gui')
评论列表
文章目录
