dj allauth get password when it's reset

Time:07-17

I need to provide the raw password of an allauth user to a third party provider when he resets his password. So every time the password gets reset, I call the @receiver(password_reset). However, by then the password was already salted. I need to get the raw password data to realise the password change at an external service as well. How would I get the new "raw" password, which wasn't already salted, or how could I desalt it?

from allauth.account.signals import password_reset
from django.dispatch import receiver


@receiver(password_reset)
def password_change_callback(sender, request, user, **kwargs):
    # run third party API call containing the new password
    pass

CodePudding user response:

If what you want is to get the new password a user inputted while changing his/her password, what you can do is that on the POST request you store the value of the new password the user inputted in the form in a variable. This way, after you have reset the password, you can still access the raw password, since you saved it in a variable before resetting. So something like the below:

new_password = request.POST.get("new_password")
# your code to set the new password goes here
and after that you can still access the new_password variable and do whatever you want with it.
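
The approach in the answer above, as an added example that is not part of the original post and is not allauth or Django code: it uses only the standard library to reproduce the `pbkdf2_sha256$iterations$salt$hash` storage layout, showing that a post-reset receiver sees only a one-way hash, while a hook at the point where the form value is still in hand can pass the raw value on. `User`, `reset_password`, `on_password_reset` and `sync_to_provider` are hypothetical names, and the iteration count and sample password are constructed.

```python
import base64
import hashlib
import hmac
import secrets

ITERATIONS = 100_000  # constructed sample work factor


def make_password(raw, salt=None, iterations=ITERATIONS):
    """Encode as algorithm$iterations$salt$hash (PBKDF2-HMAC-SHA256)."""
    salt = salt or secrets.token_hex(8)
    digest = hashlib.pbkdf2_hmac("sha256", raw.encode(), salt.encode(), iterations)
    return f"pbkdf2_sha256${iterations}${salt}${base64.b64encode(digest).decode()}"


def check_password(raw, encoded):
    """Verify by re-hashing the candidate with the stored salt; nothing is decoded."""
    _algorithm, iterations, salt, _digest = encoded.split("$")
    candidate = make_password(raw, salt, int(iterations))
    return hmac.compare_digest(candidate, encoded)


class User:
    """Stand-in for a user model (hypothetical, not Django's class)."""

    def __init__(self, name):
        self.name = name
        self.password = ""

    def set_password(self, raw):
        self.password = make_password(raw)  # only the encoded hash is kept


def reset_password(user, form_data, sync_to_provider):
    """Read the raw value from the submitted form before it is hashed."""
    raw = form_data["new_password"]
    user.set_password(raw)
    # The raw value lives only in this call frame: not stored, not logged.
    sync_to_provider(user.name, raw)
    return user


def on_password_reset(user):
    """What a receiver running after the reset can read from the user object."""
    return user.password
```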

CodePudding user response:

from django.contrib.auth import get_user_model
from django.contrib.auth.password_validation import validate_password
from rest_framework import serializers
from rest_framework.generics import UpdateAPIView
from rest_framework.permissions import IsAuthenticated

User = get_user_model()


class ChangePasswordSerializer(serializers.ModelSerializer):
    new_password = serializers.CharField(
        write_only=True, required=True, validators=[validate_password]
    )
    confirm_password = serializers.CharField(write_only=True, required=True)
    old_password = serializers.CharField(write_only=True, required=True)

    class Meta:
        model = User
        fields = ("old_password", "new_password", "confirm_password")

    def validate_old_password(self, value):
        # The current password must match before a change is accepted
        user = self.context["request"].user
        if not user.check_password(value):
            raise serializers.ValidationError(
                {"old_password": "Old password is not correct"}
            )

        return value

    def validate(self, attrs):
        # attrs["new_password"] is still the raw value at this point
        if attrs["new_password"] != attrs["confirm_password"]:
            raise serializers.ValidationError(
                {"password": "Password fields didn't match."}
            )

        return attrs

    def update(self, instance, validated_data):
        # set_password() hashes the raw value before it is saved
        instance.set_password(validated_data["new_password"])
        instance.save()

        return instance


class ChangeUserPasswordView(UpdateAPIView):
    queryset = User.objects.filter(is_active=True)
    permission_classes = (IsAuthenticated,)
    serializer_class = ChangePasswordSerializer

    def get_object(self, *args, **kwargs):
        # Always operate on the authenticated user
        return self.request.user

In your user model, add this function:

from django.contrib.auth.hashers import check_password

    # inside the user model class
    def check_password(self, raw_password, *args, **kwargs):
        return check_password(raw_password, self.password)

Here, in the serializer's validate function, you have access to the user's inputted password using

attrs["new_password"]