views.py to save the password:
的观点。py保存密码:
elif 'reset_password' in request.POST:
if request.POST['reset_password'].strip():
saveuser = User.objects.get(id=user.id)
saveuser.set_password(request.POST['reset_password']);
saveuser.save()
userform = UserForm(instance=saveuser)
return redirect('incident.views.about_me')
popup box to get the old password and new password
弹出框,获取旧密码和新密码。
<div id="overlay_form" style="display:none">
<form method="post" action=".">
{% csrf_token %}
<h2>Reset Password</h2><br />
<table>
<tr><td>Enter your old password</td><td>
<input type="text" name="old_password" id="old_password" maxlength="30" /></td></tr>
<tr><td>Enter your new password</td><td><input type="text" name="new_password" id="new_password" maxlength="30" /></td></tr>
<tr><td>Confirm your new password</td><td><input type="text" name="reset_password" id="reset_password" maxlength="30" /></td></tr>
</table>
<div style="width:180px;float:right;margin:20px 5px 0 10px">
{% include "buttons/save.html" %}
<button style="margin-right:10px;" type="button" id="close" name="cancel" class="forward backicon">
<img src="{{ STATIC_URL }}images/button-icon-ir-back.png" width="12" height="17" alt="" />
Cancel</button>
</div>
</form>
</div>
I am able to save the new password,but i want to know the following things
我可以保存新的密码,但是我想知道以下事情
-
How to check the entered old password is correct with existing password.
如何检查输入的旧密码与现有密码是正确的。
-
How to validate new password field and confirm password field.Which validation is better to perform.
如何验证新密码字段和确认密码字段。执行哪种验证更好。
Need some help.
需要一些帮助。
3 个解决方案
#1
1
Django Code to check if the password entered by user matches the actual old password; if it does not, raise validation error in django form. Also, update the password if both of the passwords match.
Tested on (Django 1.10, Python 3.4)
forms.py
forms.py
from django import forms
从django导入形式
class changePassForm(forms.Form):
类changePassForm(forms.Form):
old_password_flag = True #Used to raise the validation error when it is set to False
old_password = forms.CharField(label="Old Password", min_length=6, widget=forms.PasswordInput())
new_password = forms.CharField(label="New Password", min_length=6, widget=forms.PasswordInput())
re_new_password = forms.CharField(label="Re-type New Password", min_length=6, widget=forms.PasswordInput())
def set_old_password_flag(self):
#This method is called if the old password entered by user does not match the password in the database, which sets the flag to False
self.old_password_flag = False
return 0
def clean_old_password(self, *args, **kwargs):
old_password = self.cleaned_data.get('old_password')
if not old_password:
raise forms.ValidationError("You must enter your old password.")
if self.old_password_flag == False:
#It raise the validation error that password entered by user does not match the actucal old password.
raise forms.ValidationError("The old password that you have entered is wrong.")
return old_password
views.py
views.py
def settings(request):
def设置(请求):
if request.user.is_authenticated:
form = changePassForm(request.POST or None)
old_password = request.POST.get("old_password")
new_password = request.POST.get("new_password")
re_new_password = request.POST.get("re_new__password")
if request.POST.get("old_password"):
user = User.objects.get(username= request.user.username)
#User entered old password is checked against the password in the database below.
if user.check_password('{}'.format(old_password)) == False:
form.set_old_password_flag()
if form.is_valid():
user.set_password('{}'.format(new_password))
user.save()
update_session_auth_hash(request, user)
return redirect('settings')
else:
return render(request, 'settings.html', {"form": form})
else:
return redirect('login')
settings.html
settings.html
<h1>Settings Page</h1>
<h2>Change Password</h2>
<form action="" method="POST">
{% csrf_token %}
{{ form.as_p }}
<input type="Submit" value="Update"></input>
</form>
#2
0
This is how you would check for old password - before the set_password
,
这是您如何检查旧密码——在set_password之前,
user.check_password(request.POST['reset_password'])
Also, check for password confirmation in the following way.
另外,请按以下方式检查密码确认。
elif 'reset_password' in request.POST:
old_password = request.POST['old_password'].strip()
reset_password = request.POST['reset_password'].strip()
new_password = request.POST['new_password'].strip()
if old_password && reset_password && reset_password == new_password:
saveuser = User.objects.get(id=user.id)
if user.check_password(old_password):
saveuser.set_password(request.POST['reset_password']);
saveuser.save()
userform = UserForm(instance=saveuser)
return redirect('incident.views.about_me')
It is a much better approach to use a form
.
使用表单是一种更好的方法。
#3
0
<form class="form-horizontal" action="/your_views/reset_password/" method="post">
{% csrf_token %}
<div class="form-group">
<div class="col-md-12">
<input type="password" placeholder="Old password" id="old_password" name="old_password" autocomplete="off" required class="form-control">
</div>
</div>
<div class="form-group">
<div class="col-md-12">
<input type="password" placeholder="New password" id="password1" name="password1" autocomplete="off" required class="form-control">
</div>
</div>
<div class="form-group">
<div class="col-md-12">
<input type="password" placeholder="Re-new password" id="password2" name="password2" autocomplete="off" required class="form-control">
</div>
</div>
<div class="form-group">
<div class="col-md-12">
<button type="submit" class="btn btn-block btn-success" style="background: #00A79D;">Reset</button>
</div>
</div>
</form>
#1
1
Django Code to check if the password entered by user matches the actual old password; if it does not, raise validation error in django form. Also, update the password if both of the passwords match.
Tested on (Django 1.10, Python 3.4)
forms.py
forms.py
from django import forms
从django导入形式
class changePassForm(forms.Form):
类changePassForm(forms.Form):
old_password_flag = True #Used to raise the validation error when it is set to False
old_password = forms.CharField(label="Old Password", min_length=6, widget=forms.PasswordInput())
new_password = forms.CharField(label="New Password", min_length=6, widget=forms.PasswordInput())
re_new_password = forms.CharField(label="Re-type New Password", min_length=6, widget=forms.PasswordInput())
def set_old_password_flag(self):
#This method is called if the old password entered by user does not match the password in the database, which sets the flag to False
self.old_password_flag = False
return 0
def clean_old_password(self, *args, **kwargs):
old_password = self.cleaned_data.get('old_password')
if not old_password:
raise forms.ValidationError("You must enter your old password.")
if self.old_password_flag == False:
#It raise the validation error that password entered by user does not match the actucal old password.
raise forms.ValidationError("The old password that you have entered is wrong.")
return old_password
views.py
views.py
def settings(request):
def设置(请求):
if request.user.is_authenticated:
form = changePassForm(request.POST or None)
old_password = request.POST.get("old_password")
new_password = request.POST.get("new_password")
re_new_password = request.POST.get("re_new__password")
if request.POST.get("old_password"):
user = User.objects.get(username= request.user.username)
#User entered old password is checked against the password in the database below.
if user.check_password('{}'.format(old_password)) == False:
form.set_old_password_flag()
if form.is_valid():
user.set_password('{}'.format(new_password))
user.save()
update_session_auth_hash(request, user)
return redirect('settings')
else:
return render(request, 'settings.html', {"form": form})
else:
return redirect('login')
settings.html
settings.html
<h1>Settings Page</h1>
<h2>Change Password</h2>
<form action="" method="POST">
{% csrf_token %}
{{ form.as_p }}
<input type="Submit" value="Update"></input>
</form>
#2
0
This is how you would check for old password - before the set_password
,
这是您如何检查旧密码——在set_password之前,
user.check_password(request.POST['reset_password'])
Also, check for password confirmation in the following way.
另外,请按以下方式检查密码确认。
elif 'reset_password' in request.POST:
old_password = request.POST['old_password'].strip()
reset_password = request.POST['reset_password'].strip()
new_password = request.POST['new_password'].strip()
if old_password && reset_password && reset_password == new_password:
saveuser = User.objects.get(id=user.id)
if user.check_password(old_password):
saveuser.set_password(request.POST['reset_password']);
saveuser.save()
userform = UserForm(instance=saveuser)
return redirect('incident.views.about_me')
It is a much better approach to use a form
.
使用表单是一种更好的方法。
#3
0
<form class="form-horizontal" action="/your_views/reset_password/" method="post">
{% csrf_token %}
<div class="form-group">
<div class="col-md-12">
<input type="password" placeholder="Old password" id="old_password" name="old_password" autocomplete="off" required class="form-control">
</div>
</div>
<div class="form-group">
<div class="col-md-12">
<input type="password" placeholder="New password" id="password1" name="password1" autocomplete="off" required class="form-control">
</div>
</div>
<div class="form-group">
<div class="col-md-12">
<input type="password" placeholder="Re-new password" id="password2" name="password2" autocomplete="off" required class="form-control">
</div>
</div>
<div class="form-group">
<div class="col-md-12">
<button type="submit" class="btn btn-block btn-success" style="background: #00A79D;">Reset</button>
</div>
</div>
</form>