Django AllAuth – How to manually send a reset-password email?
Question:
In my application I am using Django Allauth. I don’t have any registration form for users. The admin is going to register users by uploading an excel file that contains user info. I have done all of this and users are saved in the user table by auto generating passwords. After I upload user lists and save them in database, I want to send a reset password email to each user.
In allauth to reset password you first need to go to reset page account/password/reset/ and type your email. then an email is send which directs you to change your password account/password/reset/key/(?P<uidb36>[0-9A-Za-z]+)-(?P<key>.+)/
Is it possible to send the email directly within the app? The url contains a key that I don’t know how to generate!! Or is there any better way to do that?
Answers:
It’s possible. My solution implements a User model post_save signal to call the Allauth Password reset view which will send the user the email. The first thing to consider is to make the user email address mandatory in the admin user create form (as explained here). And then use this code:
from allauth.account.views import PasswordResetView
from django.conf import settings
from django.dispatch import receiver
from django.http import HttpRequest
from django.middleware.csrf import get_token
@receiver(models.signals.post_save, sender=settings.AUTH_USER_MODEL)
def send_reset_password_email(sender, instance, created, **kwargs):
if created:
# First create a post request to pass to the view
request = HttpRequest()
request.method = 'POST'
# add the absolute url to be be included in email
if settings.DEBUG:
request.META['HTTP_HOST'] = '127.0.0.1:8000'
else:
request.META['HTTP_HOST'] = 'www.mysite.com'
# pass the post form data
request.POST = {
'email': instance.email,
'csrfmiddlewaretoken': get_token(HttpRequest())
}
PasswordResetView.as_view()(request) # email will be sent!
You can try to get URL for specific user using something like this:
from allauth.account.forms import EmailAwarePasswordResetTokenGenerator
from allauth.account.utils import user_pk_to_url_str
token_generator = EmailAwarePasswordResetTokenGenerator()
user = User.objects.get(email='[email protected]')
temp_key = token_generator.make_token(user)
path = reverse("account_reset_password_from_key",
kwargs=dict(uidb36=user_pk_to_url_str(user), key=temp_key))
Following from @davecaputo’s answer, you can also directly submit the form instead of creating and calling the view:
from allauth.account.forms import ResetPasswordForm
from django.conf import settings
from django.http import HttpRequest
def send_password_reset(user: settings.AUTH_USER_MODEL):
request = HttpRequest()
request.user = user
request.META["HTTP_HOST"] = "www.mysite.com"
form = ResetPasswordForm({"email": user.email})
if form.is_valid():
form.save(request)
In my application I am using Django Allauth. I don’t have any registration form for users. The admin is going to register users by uploading an excel file that contains user info. I have done all of this and users are saved in the user table by auto generating passwords. After I upload user lists and save them in database, I want to send a reset password email to each user.
In allauth to reset password you first need to go to reset page account/password/reset/ and type your email. then an email is send which directs you to change your password account/password/reset/key/(?P<uidb36>[0-9A-Za-z]+)-(?P<key>.+)/
Is it possible to send the email directly within the app? The url contains a key that I don’t know how to generate!! Or is there any better way to do that?
It’s possible. My solution implements a User model post_save signal to call the Allauth Password reset view which will send the user the email. The first thing to consider is to make the user email address mandatory in the admin user create form (as explained here). And then use this code:
from allauth.account.views import PasswordResetView
from django.conf import settings
from django.dispatch import receiver
from django.http import HttpRequest
from django.middleware.csrf import get_token
@receiver(models.signals.post_save, sender=settings.AUTH_USER_MODEL)
def send_reset_password_email(sender, instance, created, **kwargs):
if created:
# First create a post request to pass to the view
request = HttpRequest()
request.method = 'POST'
# add the absolute url to be be included in email
if settings.DEBUG:
request.META['HTTP_HOST'] = '127.0.0.1:8000'
else:
request.META['HTTP_HOST'] = 'www.mysite.com'
# pass the post form data
request.POST = {
'email': instance.email,
'csrfmiddlewaretoken': get_token(HttpRequest())
}
PasswordResetView.as_view()(request) # email will be sent!
You can try to get URL for specific user using something like this:
from allauth.account.forms import EmailAwarePasswordResetTokenGenerator
from allauth.account.utils import user_pk_to_url_str
token_generator = EmailAwarePasswordResetTokenGenerator()
user = User.objects.get(email='[email protected]')
temp_key = token_generator.make_token(user)
path = reverse("account_reset_password_from_key",
kwargs=dict(uidb36=user_pk_to_url_str(user), key=temp_key))
Following from @davecaputo’s answer, you can also directly submit the form instead of creating and calling the view:
from allauth.account.forms import ResetPasswordForm
from django.conf import settings
from django.http import HttpRequest
def send_password_reset(user: settings.AUTH_USER_MODEL):
request = HttpRequest()
request.user = user
request.META["HTTP_HOST"] = "www.mysite.com"
form = ResetPasswordForm({"email": user.email})
if form.is_valid():
form.save(request)