Custom password reset email

[aabanaag]

Hi, I have customized my password reset and was able to change it by overriding password_reset_key_message.html but the problem is I have a separate backend and frontend so I need the domain to be different instead the generated URL is exactly the domain of my backend.. (e.g https://api-staging.sample.com/reset/3/1362343x16311)

I have been reading this https://github.com/iMerica/dj-rest-auth/issues/308 but I'm not sure how this will work on my end.. I'm confused how can I make the reset flow use the password_reset_email.html template which contains this "{{ protocol}}://{{ domain }}{% url 'password_reset_confirm' uidb64=uid token=token %}"

[aabanaag]

So I was able to achieve what I wanted. I followed the steps from #308 but I customized a few things. It might not be the optimal way but I'm open to suggestions.

# UserPasswordResetForm

context = {
     "current_site": current_site,
     "user": user,
     "request": request,
     "domain": getattr(settings, "APP_URL") # frontend domain since it differs completely from my backend domain,
     "uid": user_pk_to_url_str(user),
     "token": temp_key,
}

Instead of forcing it to use the template from registration/password_reset_email I just changed the account/email/password-reset-key template. Also, I removed the routes I added before to override the password-reset-email below are the contents of my urls.py

path("auth/", include("dj_rest_auth.urls")),
path("auth/registration/", include("dj_rest_auth.registration.urls")),

then my serializer is just this

class UserPasswordResetSerializer(PasswordResetSerializer):  # noqa
    password_reset_form_class = UserPasswordResetForm

[awwester]

We had an issue crop up recently where users are no longer able to reset their passwords. It was tracked down to be from an upgrade from 2.1.4 to 2.1.11. What we were seeing though is that it was not taking the site's domain (the one setup in Django admin) anymore in the url presented in the reset email, but rather it was taking the server's domain.

Rolling back to 2.1.4 fixed our issue, but I'm not sure yet what the root cause was and couldn't get a fix in place using 2.1.11

[lFitzl]

Put this in settings.py

REST_AUTH_SERIALIZERS = { 'PASSWORD_RESET_SERIALIZER' : 'app.serializers.UserPasswordResetSerializer' }

[zulfadzlie]

We had an issue crop up recently where users are no longer able to reset their passwords. It was tracked down to be from an upgrade from 2.1.4 to 2.1.11. What we were seeing though is that it was not taking the site's domain (the one setup in Django admin) anymore in the url presented in the reset email, but rather it was taking the server's domain.

Rolling back to 2.1.4 fixed our issue, but I'm not sure yet what the root cause was and couldn't get a fix in place using 2.1.11

Thanks for this!

[aabanaag]

We had an issue crop up recently where users are no longer able to reset their passwords. It was tracked down to be from an upgrade from 2.1.4 to 2.1.11. What we were seeing though is that it was not taking the site's domain (the one setup in Django admin) anymore in the url presented in the reset email, but rather it was taking the server's domain.

Rolling back to 2.1.4 fixed our issue, but I'm not sure yet what the root cause was and couldn't get a fix in place using 2.1.11

I think this was attributed to changes in django-allauth by passing request so it will use request.build_absolute_uri instead of manually creating it by pulling from sites.

[nibon]

Found multiple issues that seems related. I've given my solution in this comment that might help.