Skip to main content

PasswordResetConfirmView

This class provides the logic for users to set a new password using a secure, one-time use link. It validates the user identity and token provided in the URL, manages session-based security to prevent token leakage, and optionally logs the user in after a successful password reset.

Attributes

AttributeTypeDescription
form_class[Form](../../../forms/forms/form.md?sid=django_forms_forms_form) = SetPasswordFormThe form class used to set the new password for the user.
post_reset_loginboolean = FalseA boolean flag indicating whether the user should be automatically logged in after a successful password reset.
post_reset_login_backendstring = nullThe dotted path to the authentication backend to use when logging the user in after a reset.
reset_url_tokenstring = "set-password"A placeholder string used in the URL to represent the password reset session after the initial token validation.
success_urlstring = reverse_lazy("password_reset_complete")The URL to redirect to after the password has been successfully reset.
template_namestring = "registration/password_reset_confirm.html"The path to the template used to render the password reset confirmation page.
titlestring = _("Enter new password")The title displayed on the password reset confirmation page.
token_generatorobject = default_token_generatorThe generator instance used to verify the validity of the password reset token.

Methods

dispatch()

@classmethod
def dispatch(
    *args: tuple,
    **kwargs: dict
) - > [HttpResponse](../../../http/response/httpresponse.md?sid=django_http_response_httpresponse)

Validates the reset token and user ID from the URL, managing session security to prevent token leakage before rendering the view.

Parameters

NameTypeDescription
*argstupleVariable positional arguments passed to the view.
**kwargsdictKeyword arguments containing 'uidb64' and 'token' required for user identification and validation.

Returns

TypeDescription
[HttpResponse](../../../http/response/httpresponse.md?sid=django_http_response_httpresponse)An HTTP response that either displays the password reset form, redirects to a secure URL, or shows a failure message.

get_user()

@classmethod
def get_user(
    uidb64: string
) - > User|None

Retrieves the user object corresponding to the provided base64-encoded primary key.

Parameters

NameTypeDescription
uidb64stringThe base64-encoded string representing the user's primary key.

Returns

TypeDescription
`UserNone`

get_form_kwargs()

@classmethod
def get_form_kwargs() - > dict

Injects the retrieved user instance into the keyword arguments used to instantiate the password reset form.

Returns

TypeDescription
dictA dictionary of arguments including the 'user' object required by SetPasswordForm.

form_valid()

@classmethod
def form_valid(
    form: [Form](../../../forms/forms/form.md?sid=django_forms_forms_form)
) - > [HttpResponse](../../../http/response/httpresponse.md?sid=django_http_response_httpresponse)

Saves the new password, clears the temporary reset token from the session, and optionally logs the user in.

Parameters

NameTypeDescription
form[Form](../../../forms/forms/form.md?sid=django_forms_forms_form)The validated form instance containing the new password data.

Returns

TypeDescription
[HttpResponse](../../../http/response/httpresponse.md?sid=django_http_response_httpresponse)A redirect to the success URL after the password has been successfully updated.

get_context_data()

@classmethod
def get_context_data(
    **kwargs: dict
) - > dict

Builds the template context, including the 'validlink' status and appropriate page titles based on token validity.

Parameters

NameTypeDescription
**kwargsdictAdditional keyword arguments to be included in the template context.

Returns

TypeDescription
dictThe context dictionary used to render the password reset confirmation or failure template.