Chi*_*wal 2 django token django-authentication django-rest-framework
我们的团队在后端使用django-rest-api,在前端使用angular-2.我们有密码重置问题.这里的网址是:
from django.contrib.auth import views as auth_views
urlpatterns = patterns(
'',
url(r'^password_reset/$', auth_views.password_reset, name='password_reset'),
url(r'^password_reset/done/$', auth_views.password_reset_done, name='password_reset_done'),
url(r'^reset/(?P<uidb64>[0-9A-Za-z_\-]+)/(?P<token>[0-9A-Za-z]{1,13}-[0-9A-Za-z]{1,20})/$',auth_views.password_reset_confirm, name='password_reset_confirm'),
url(r'^reset/done/$', auth_views.password_reset_complete, name='password_reset_complete'),
)
当发布对password_reset的请求时,用户会收到包含密码重置令牌的链接的电子邮件.令牌应在24小时内到期.
想要密码重置api,所以我们可以使用邮递员更改密码,前端开发人员也可以使用这个api.
你可以按照这些基本步骤 -
1) UI - Press reset password
2) UI - Type Email Id for verify (token will go to this ID)
a) Backend - Get email and verify/authenticate it
b) Generate a token [ you can use from drive.utils import
get_random_number ]
1) Save in DB - Token code, Email , Date(+1 day)
c) Send Email with Token
d) render to new html with email id
return render(request, 'forgot_password.html', {'email': email})
3) UI - GET token code from user ( pass email (from above) along with
code)
a) verify code and check if its expire (current date < code date)
b) if verified render to change password page (pass email)
4) UI - GET New Password from user (email from above)
a) change password
| 归档时间: |
|
| 查看次数: |
3197 次 |
| 最近记录: |