使用 Rest 重置 Django 密码 API
Django Password Reset using Rest API
我们的团队在后端使用 django-rest-api,在前端使用 angular-2。我们有密码重置问题。这里的网址:
from django.contrib.auth import views as auth_views
urlpatterns = patterns(
'',
url(r'^password_reset/$', auth_views.password_reset, name='password_reset'),
url(r'^password_reset/done/$', auth_views.password_reset_done, name='password_reset_done'),
url(r'^reset/(?P<uidb64>[0-9A-Za-z_\-]+)/(?P<token>[0-9A-Za-z]{1,13}-[0-9A-Za-z]{1,20})/$',auth_views.password_reset_confirm, name='password_reset_confirm'),
url(r'^reset/done/$', auth_views.password_reset_complete, name='password_reset_complete'),
)
当向 password_reset 发送请求时,用户会收到 link 包含密码重置令牌的电子邮件。
令牌应在 24 小时内过期。
想要重置密码 api,所以我们可以使用邮递员更改密码,前端开发人员也可以使用这个 api。
您可以遵循这些基本步骤 -
1) UI - Press reset password
2) UI - Type Email Id for verify (token will go to this ID)
a) Backend - Get email and verify/authenticate it
b) Generate a token [ you can use from drive.utils import
get_random_number ]
1) Save in DB - Token code, Email , Date(+1 day)
c) Send Email with Token
d) render to new html with email id
return render(request, 'forgot_password.html', {'email': email})
3) UI - GET token code from user ( pass email (from above) along with
code)
a) verify code and check if its expire (current date < code date)
b) if verified render to change password page (pass email)
4) UI - GET New Password from user (email from above)
a) change password
我们的团队在后端使用 django-rest-api,在前端使用 angular-2。我们有密码重置问题。这里的网址:
from django.contrib.auth import views as auth_views
urlpatterns = patterns(
'',
url(r'^password_reset/$', auth_views.password_reset, name='password_reset'),
url(r'^password_reset/done/$', auth_views.password_reset_done, name='password_reset_done'),
url(r'^reset/(?P<uidb64>[0-9A-Za-z_\-]+)/(?P<token>[0-9A-Za-z]{1,13}-[0-9A-Za-z]{1,20})/$',auth_views.password_reset_confirm, name='password_reset_confirm'),
url(r'^reset/done/$', auth_views.password_reset_complete, name='password_reset_complete'),
)
当向 password_reset 发送请求时,用户会收到 link 包含密码重置令牌的电子邮件。 令牌应在 24 小时内过期。
想要重置密码 api,所以我们可以使用邮递员更改密码,前端开发人员也可以使用这个 api。
您可以遵循这些基本步骤 -
1) UI - Press reset password
2) UI - Type Email Id for verify (token will go to this ID)
a) Backend - Get email and verify/authenticate it
b) Generate a token [ you can use from drive.utils import
get_random_number ]
1) Save in DB - Token code, Email , Date(+1 day)
c) Send Email with Token
d) render to new html with email id
return render(request, 'forgot_password.html', {'email': email})
3) UI - GET token code from user ( pass email (from above) along with
code)
a) verify code and check if its expire (current date < code date)
b) if verified render to change password page (pass email)
4) UI - GET New Password from user (email from above)
a) change password