Django password_reset表单电子邮件验证 [英] Django password_reset Form email validation

问题描述

Django password_reset表单不检查电子邮件是否存在。还可以验证给定电子邮件地址的形式。

Django password_reset Form does not check if email exists or not. Also validates form whatever email address is given.

问题是，如何检查不存在自定义形式的电子邮件并抛出错误？

The question is, how do i check and throw error for non existing emails with custom form?

顺便说一句，我在此处，但它对我不起作用。 （使用Django 2.1）。如果这行得通，我找不到我所缺少的东西。

By the way, i found below solution at here but it is not working for me. (using Django 2.1). And if this should work, i couldn't found what i am missing.

forms.py

class EmailValidationOnForgotPassword(PasswordResetForm):
def clean_email(self):
    email = self.cleaned_data['email']
    if not User.objects.filter(email__iexact=email, is_active=True).exists():
        raise ValidationError("There is no user registered with the specified email address!")

    return email

urls.py

path('sifre-sifirla/', PasswordResetView.as_view(), {'password_reset_form':EmailValidationOnForgotPassword}, name='password_reset'),

谢谢。

编辑：

对于其他用户信息，问题由@Alasdair回答并且正在工作，但@pypypy的观点也很重要。

For other users information, question is answered by @Alasdair and working but @pypypy 's point of view is also important.

urls.py 中的更改如下：

path('sifre-sifirla/', PasswordResetView.as_view(form_class=EmailValidationOnForgotPassword), name='password_reset'),

推荐答案

总结以上讨论，并摘自@Alasdair

Summarizing the discussion above with parts taken from @Alasdair

#forms.py
from django.contrib.auth.forms import PasswordResetForm

class EmailValidationOnForgotPassword(PasswordResetForm):

    def clean_email(self):
        email = self.cleaned_data['email']
        if not User.objects.filter(email__iexact=email, is_active=True).exists():
            msg = _("There is no user registered with the specified E-Mail address.")
            self.add_error('email', msg)
        return email

并且

#urls.py
from accounts.forms import EmailValidationOnForgotPassword

path('sifre-sifirla/', PasswordResetView.as_view(form_class=EmailValidationOnForgotPassword), name='password_reset'),

@pypypy，这是正确的说法用于获取用户名。 减少问题的一种方法是，一旦用户尝试3个不同的电子邮件，就会出现 429个请求过多 c的情况。可以使用例如 django-ratelimit

@pypypy, is correct in saying that this approach can be used to obtain usernames. One way to reduce this issue is to respond with a 429 Too Many Requests as soon an user tries 3 different E-Mails. That can be achived using for example django-ratelimit

这篇关于Django password_reset表单电子邮件验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！