Django reset password not catching invalid email ids

1
votes

I'm using Django's built in reset password views with custom templates. Although it works successfully, it does not show an error message if the email id submitted is not already registered in the site.

I followed the instructions here to help me reach till this point.

#urls.py

url(r'^users/password/reset/$', 
     'django.contrib.auth.views.password_reset', 
     {'post_reset_redirect' : '/users/password/reset/done/'},
     name="reset_password"
),

url(r'^users/password/reset/done/$',
     'django.contrib.auth.views.password_reset_done'
),

url(r'^users/password/reset/(?P<uidb64>[0-9A-Za-z_\-]+)/(?P<token>.+)/$',
     'django.contrib.auth.views.password_reset_confirm', 
     {'post_reset_redirect' : '/users/password/done/'}
),

url(r'^users/password/done/$',
     'django.contrib.auth.views.password_reset_complete'
),

Whatever email id I give, Django always redirects me to /users/password/reset/done/ which says:

We've e-mailed you instructions for setting your password to the e-mail address
you submitted.

You should be receiving it shortly.

This is misleading, since users might've entered their email address wrong and still be seeing the above page.

How do I show an error message if the email address is not registered?

Thanks in advance.

1
pythondjangodjango-formsdjango-views

1 Answers

3
votes

The easy way to implement that is to use django-allauth. Works without any extra setting, leaving the message: The e-mail address is not assigned to any user account.

I have not worked with raw users in a while, but if you absolutely need that you could try to create your own view and verify manually that the email is in the server (if it is you can call the original function). You may need to extend the template or the form to redirect the action to your own view.