在Django 1.5中使用密码确认操作

时间:2023-01-11 19:22:24

How can I create a "confirm with password" form in Django 1.5? I am going to make a function to disable the user account, but the account shouldn't be disabled if the user can't provide the correct password. I've tried with a FormView and form_class=AuthenticationForm, but it shows both the username and password, and I want only the password, because the user is already logged in.

如何在Django 1.5中创建“带有密码的确认”表单?我将创建一个函数来禁用用户帐户,但是如果用户不能提供正确的密码,则不应该禁用该帐户。我尝试过FormView和form_class=AuthenticationForm,但它同时显示用户名和密码,我只想要密码,因为用户已经登录了。

1 个解决方案

#1

1  

Write a password validation form:

编写密码验证表单:

forms.py

forms.py

from django import forms
from django.contrib.auth.models import check_password

class ValidatePasswordForm(forms.Form):
    password = forms.CharField(label="Your Password",
        widget=forms.PasswordInput)

    def __init__(self, *args, **kwargs):
        self.user = kwargs.pop('user')
        super(ValidatePasswordForm, self).__init__(*args, **kwargs)

    def clean_password(self):
        password = self.cleaned_data['password']
        valid = check_password(password, self.user.password)
        if not valid:
            raise forms.ValidationError('Invalid password')
        return password

views.py

views.py

from django.shortcuts import render_to_response
from django.template import RequestContext

from myapp.forms import ValidatePasswordForm

@login_required
def validate_password(request):
    form = ValidatePasswordForm(request.POST or None, user=request.user)
    if request.method == 'POST':
        if form.is_valid():
            # do something upon validation
            # disable account
            pass
    request_dict = {'form': form}
    return render_to_response('my_template.html',
        request_dict, context_instance=RequestContext(request))

#1

1  

Write a password validation form:

编写密码验证表单:

forms.py

forms.py

from django import forms
from django.contrib.auth.models import check_password

class ValidatePasswordForm(forms.Form):
    password = forms.CharField(label="Your Password",
        widget=forms.PasswordInput)

    def __init__(self, *args, **kwargs):
        self.user = kwargs.pop('user')
        super(ValidatePasswordForm, self).__init__(*args, **kwargs)

    def clean_password(self):
        password = self.cleaned_data['password']
        valid = check_password(password, self.user.password)
        if not valid:
            raise forms.ValidationError('Invalid password')
        return password

views.py

views.py

from django.shortcuts import render_to_response
from django.template import RequestContext

from myapp.forms import ValidatePasswordForm

@login_required
def validate_password(request):
    form = ValidatePasswordForm(request.POST or None, user=request.user)
    if request.method == 'POST':
        if form.is_valid():
            # do something upon validation
            # disable account
            pass
    request_dict = {'form': form}
    return render_to_response('my_template.html',
        request_dict, context_instance=RequestContext(request))
标签:

相关文章