Join us and get access to hundreds of tutorials and a community of expert Pythonistas.

Unlock This Lesson

This lesson is for members only. Join us and get access to hundreds of tutorials and a community of expert Pythonistas.

Unlock This Lesson

Hint: You can adjust the default video playback speed in your account settings.
Hint: You can set the default subtitles language in your account settings.
Sorry! Looks like there’s an issue with video playback 🙁 This might be due to a temporary outage or because of a configuration issue with your browser. Please see our video player troubleshooting guide to resolve the issue.

Managing Passwords

In this lesson, you can try to access the password change form without logging in by visiting http://127.0.0.1:8000/accounts/password_change.

00:00 Password Management. At some point, your users might want to change their passwords. Instead of making them ask the admin to do it for them, you can add a password change form to your application.

00:14 Django needs two templates to make this work: the password_change_form to display the password change form and password_change_done to show a confirmation that the password was successfully changed.

00:29 Let’s get started with a password change form.

00:44 This template looks almost the same as the login template you created earlier on, but this time Django will put a password change form here, not a login form, so the browser will display it differently.

01:09 The other template that’s needed is password_change_done, as seen on-screen.

01:27 This will reassure your users that a password change was successful and let them go back to the dashboard. The dashboard would be a perfect place to include a link to your newly created password change form. You just have to make sure it’s shown to logged in users only.

01:58 If you follow the link in your browser, you should see the form that’s seen on-screen. Go ahead and test this. Change the password, log out, and then log back in again.

02:16 You can also try to access the password change form without logging in by accessing the URL seen on-screen. Django is clever enough to detect that you should log in first and will automatically redirect you to the login page.

02:31 Mistakes happen to all of us, and every now and then, somebody might forget their password. Your Django user management system should handle that situation too.

02:41 This functionality is a bit more complicated because in order to deliver password reset links, your application needs to send emails. Don’t worry. You won’t have to configure your own email server. Django provides an alternative email backend, which passes the contents of any email to the console, allowing you to see what would have been sent.

03:03 To enable this, make the changes seen on-screen to settings.py. Django needs two templates for sending password reset links. The password reset form displays the form used to request a password reset email. password_reset_done shows a confirmation that a password reset email was sent.

03:34 They’ll be very similar to the password change templates you created earlier. Start with the form.

04:19 Next, add the confirmation template.

04:46 It’s also a good idea to include the link to the password reset form on the login page. Your newly created password reset form should look as seen on-screen. Type in the admin email address and press Reset.

05:14 In the terminal running Django, you should see a message similar to the one seen on-screen. This is the content of an email that would be sent to your admin.

05:23 It contains information about the application that sent it plus a password reset link. In the next section, you’ll see how to create the templates needed for the links and emails to work.

Become a Member to join the conversation.