Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Django Rest Framework + Django-Allauth Password Reset/Recovery

I am trying to create a password recovery flow using Django Rest Framework and Django-Allauth.

Django-Allauth already does everything i need, my question is can i programatically call a django-allauth function or view from DRF that receives the email i want to reset and continues with the rest of the normal allauth flow (like creating the temporary tokens and sending the email to the client?

I don't see the point on having to rewrite all that code if one of the apps is doing everything i need. just need some help on how to "glue" them :)

like image 750
psychok7 Avatar asked Nov 11 '14 16:11

psychok7


People also ask

How to reset password with Django REST framework and Djoser?

When user clicks the reset link, the reset password confirm view is displayed. This view takes the uid and token from the link and a new password and send POST request to the Django server to set a new password. In this post, we will create the reset password functionality with Django Rest Framework and Djoser package.

Does Django support OAuth2?

Django REST framework OAuth The Django REST framework OAuth package provides both OAuth1 and OAuth2 support for REST framework. This package was previously included directly in REST framework but is now supported and maintained as a third party package.

What is Django REST framework OAuth package?

The Django REST framework OAuthpackage provides both OAuth1 and OAuth2 support for REST framework. This package was previously included directly in the REST framework but is now supported and maintained as a third-party package. Installation & configuration Install the package using pip. pip install djangorestframework-oauth

What is Django_rest_passwordreset_no_information_leakage?

DJANGO_REST_PASSWORDRESET_NO_INFORMATION_LEAKAGE - will cause a 200 to be returned on POST $ {API_URL}/reset_password/ even if the user doesn't exist in the databse (Default: False) DJANGO_REST_MULTITOKENAUTH_REQUIRE_USABLE_PASSWORD - allows password reset for a user that does not have a usable password (Default: True)


Video Answer


1 Answers

i figured it out

I added this to my DRF resource

@list_route(
    methods=['post'], permission_classes=[AllowAny],
    authentication_classes=[NoAuthentication]
)
def recover_password(self, request):
    if request.DATA.get('email'):
        # Lets be smart and reuse django-allauth password recovery system
        form = ResetPasswordForm({'email': request.DATA.get('email')})
        if form.is_valid():
            form.save()
            return Response(status=200)
    return Response(status=400)
like image 165
psychok7 Avatar answered Sep 21 '22 05:09

psychok7