reset-password

With django-rest-framework, when you post a reset password (rest-auth/password/reset/), there is an email send to the user email. This email contains a confirmation URL. I would like to change this url because I'm on a REST app case, I want this email to point on my frontend instead of the django backend. With the confirmation email case, I had to override get_email_confirmation_url method from the AccountAdapter . But with the reset password case, I have no clue how to do it (there is no method in the adapter about reseting password). Any idea? I did it with templatetags: https://docs

Any best practice on how a reset password token should be constructed? I'm thinking: random 17 characters [a-zA-Z0-9] + a globally unique id + random 17 characters [a-zA-Z0-9]. Is there a better solution, or an industry standard on reset password tokens? martinstoeckli There are some important points to consider. The code should be really random (read from MCRYPT_DEV_URANDOM), and should not be derrived from other user related information. Ideally the code is base62 encoded (A-Z a-z 0-9) to avoid problems with the Url. Store only a hash of the token in the database , otherwise an attacker with

I am wondering if there is a way to reset password with UserManager of ASP.NET MVC 5 I tried this with user that already has a password but no success. Any clue? IdentityResult result = UserManager.AddPassword(forgotPasswordEvent.UserId.ToString(), model.ConfirmPassword); if (result.Succeeded) { // } else { AddErrors(result); } Developer It is here ASP.NET Identity reset password UserManager<IdentityUser> userManager = new UserManager<IdentityUser>(new UserStore<IdentityUser>()); userManager.RemovePassword(userId); userManager.AddPassword(userId, newPassword); I suppose this is newer but there

I use Passport.js in Node.js to create a login system. Everything is ok, but I do not know how to reset user password when they forget their password or they want to change it. User model in MongoDB var UserSchema = new Schema({ email: String, username: String, provider: String, hashed_password: String, salt: String, }); Didn't really like the idea of hitting my database to store tokens, especially when you want to be creating and verifying tokens for many actions. Instead I decided to copy how Django does it : convert timestamp_today to base36 as today convert user.id to base36 as ident

I am a beginner in django (django 1.7 python 2.7). I am trying to add no captcha recaptcha onto my django reset password form. I am trying to use this recaptcha djano plugin . I have followed the instructions and added the necessay settings: Installed django-recaptcha to the Python path. Added captcha to the INSTALLED_APPS setting. Added the following to my settings.py file: RECAPTCHA_PUBLIC_KEY = '76wtgdfsjhsydt7r5FFGFhgsdfytd656sad75fgh' # fake - for the purpose of this post. RECAPTCHA_PRIVATE_KEY = '98dfg6df7g56df6gdfgdfg65JHJH656565GFGFGs' # fake - for the purpose of this post. NOCAPTCHA =