Django allauth无效令牌错误未显示
我在Django项目中使用allauth进行身份验证 在PasswordResetFromKeyView中,无论出于何种原因,我都无法理解为什么在显示密码重置令牌无效时不会出现错误 相反,令牌被捕获为无效,但页面只是重新加载,没有向用户发送任何消息 allauth.account.views.PasswordResetFromKeyViewDjango allauth无效令牌错误未显示,django,django-allauth,Django,Django Allauth,我在Django项目中使用allauth进行身份验证 在PasswordResetFromKeyView中,无论出于何种原因,我都无法理解为什么在显示密码重置令牌无效时不会出现错误 相反,令牌被捕获为无效,但页面只是重新加载,没有向用户发送任何消息 allauth.account.views.PasswordResetFromKeyView class PasswordResetFromKeyView(AjaxCapableProcessFormViewMixin, FormView): tem
class PasswordResetFromKeyView(AjaxCapableProcessFormViewMixin, FormView):
template_name = (
"account/password_reset_from_key." + app_settings.TEMPLATE_EXTENSION)
form_class = ResetPasswordKeyForm
success_url = reverse_lazy("account_reset_password_from_key_done")
def get_form_class(self):
return get_form_class(app_settings.FORMS,
'reset_password_from_key',
self.form_class)
def dispatch(self, request, uidb36, key, **kwargs):
self.request = request
self.key = key
if self.key == INTERNAL_RESET_URL_KEY:
self.key = self.request.session.get(INTERNAL_RESET_SESSION_KEY, '')
# (Ab)using forms here to be able to handle errors in XHR #890
token_form = UserTokenForm(
data={'uidb36': uidb36, 'key': self.key})
if token_form.is_valid():
self.reset_user = token_form.reset_user
return super(PasswordResetFromKeyView, self).dispatch(request,
uidb36,
self.key,
**kwargs)
else:
token_form = UserTokenForm(
data={'uidb36': uidb36, 'key': self.key})
if token_form.is_valid():
# Store the key in the session and redirect to the
# password reset form at a URL without the key. That
# avoids the possibility of leaking the key in the
# HTTP Referer header.
self.request.session[INTERNAL_RESET_SESSION_KEY] = self.key
redirect_url = self.request.path.replace(
self.key, INTERNAL_RESET_URL_KEY)
return redirect(redirect_url)
self.reset_user = None
response = self.render_to_response(
self.get_context_data(token_fail=True)
)
return _ajax_response(self.request, response, form=token_form)
def get_context_data(self, **kwargs):
ret = super(PasswordResetFromKeyView, self).get_context_data(**kwargs)
ret['action_url'] = reverse(
'account_reset_password_from_key',
kwargs={'uidb36': self.kwargs['uidb36'],
'key': self.kwargs['key']})
return ret
class PasswordResetConfirmView(PasswordResetFromKeyView):
form_class = PasswordResetConfirmForm
template_name = 'users/password_reset_confirm.html'
def get_success_url(self):
return reverse('account_login')
查看
class PasswordResetFromKeyView(AjaxCapableProcessFormViewMixin, FormView):
template_name = (
"account/password_reset_from_key." + app_settings.TEMPLATE_EXTENSION)
form_class = ResetPasswordKeyForm
success_url = reverse_lazy("account_reset_password_from_key_done")
def get_form_class(self):
return get_form_class(app_settings.FORMS,
'reset_password_from_key',
self.form_class)
def dispatch(self, request, uidb36, key, **kwargs):
self.request = request
self.key = key
if self.key == INTERNAL_RESET_URL_KEY:
self.key = self.request.session.get(INTERNAL_RESET_SESSION_KEY, '')
# (Ab)using forms here to be able to handle errors in XHR #890
token_form = UserTokenForm(
data={'uidb36': uidb36, 'key': self.key})
if token_form.is_valid():
self.reset_user = token_form.reset_user
return super(PasswordResetFromKeyView, self).dispatch(request,
uidb36,
self.key,
**kwargs)
else:
token_form = UserTokenForm(
data={'uidb36': uidb36, 'key': self.key})
if token_form.is_valid():
# Store the key in the session and redirect to the
# password reset form at a URL without the key. That
# avoids the possibility of leaking the key in the
# HTTP Referer header.
self.request.session[INTERNAL_RESET_SESSION_KEY] = self.key
redirect_url = self.request.path.replace(
self.key, INTERNAL_RESET_URL_KEY)
return redirect(redirect_url)
self.reset_user = None
response = self.render_to_response(
self.get_context_data(token_fail=True)
)
return _ajax_response(self.request, response, form=token_form)
def get_context_data(self, **kwargs):
ret = super(PasswordResetFromKeyView, self).get_context_data(**kwargs)
ret['action_url'] = reverse(
'account_reset_password_from_key',
kwargs={'uidb36': self.kwargs['uidb36'],
'key': self.kwargs['key']})
return ret
class PasswordResetConfirmView(PasswordResetFromKeyView):
form_class = PasswordResetConfirmForm
template_name = 'users/password_reset_confirm.html'
def get_success_url(self):
return reverse('account_login')
模板
{% load crispy_forms_tags %}
<div class="content-section">
<form method="POST">
{% csrf_token %}
<fieldset class="form-group">
<legend class="border-bottom mb-4">Confirm New Password</legend>
{{ form|crispy }}
</fieldset>
<div class="form-group">
<button class="btn btn-outline-info" type="submit">Save password</button>
</div>
</form>
</div>
{%load crispy_forms_tags%}
{%csrf_令牌%}
确认新密码
{{form | crispy}}
保存密码
allauth视图使用模板“account/password\u reset\u from\u key.html”。您应该检查这一点,因为它包含一个if/else语句,用于在令牌无效时显示错误:
<h1>{% if token_fail %}{% trans "Bad Token" %}{% else %}{% trans "Change Password" %}{% endif %}</h1>
{% if token_fail %}
Some error message
{% else %}
<form> ... </form>
{% endif %}
{%if-token\u fail%}{%trans“坏令牌”%}{%else%}{%trans“更改密码”%}{%endif%}
{%if-token_fail%}
一些错误消息
{%else%}
...
{%endif%}
因此,当您重写模板时,只需确保在
token\u fail
为True
您重写模板了吗?如果表单无效,则将上下文作为token\u fail
传递为True
,这在模板中会使token的消息无效。@DirkRoten我确实重写了模板,我正在对视图进行子类化(编辑原始帖子以显示如何)。在模板中,您应该有一条{%If-token fail%}错误消息{%else%}{%endif%}
。