#36703: Undocumented change of SetPasswordForm in django 5.1 release notes
-------------------------------------+-------------------------------------
Reporter: Laurent Bergeron | Type:
| Uncategorized
Status: new | Component:
| Documentation
Version: 5.1 | Severity: Normal
Keywords: Authentication, | Triage Stage:
Forms | Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 1 | UI/UX: 0
-------------------------------------+-------------------------------------
Since version 5.1 of django, django.contrib.auth.forms.SetPasswordForm
looks like this:
{{{
class SetPasswordForm(SetPasswordMixin, forms.Form):
"""
A form that lets a user set their password without entering the old
password
"""
new_password1, new_password2 =
SetPasswordMixin.create_password_fields(
label1=_("New password"), label2=_("New password confirmation")
)
def __init__(self, user, *args, **kwargs):
self.user = user
super().__init__(*args, **kwargs)
def clean(self):
self.validate_passwords("new_password1", "new_password2")
self.validate_password_for_user(self.user, "new_password2")
return super().clean()
def save(self, commit=True):
return self.set_password_and_save(self.user, "new_password1",
commit=commit)
}}}
Before version 5.1 though, it looked like this:
{{{
class SetPasswordForm(forms.Form):
"""
A form that lets a user set their password without entering the old
password
"""
error_messages = {
"password_mismatch": _("The two password fields didn’t match."),
}
new_password1 = forms.CharField(
label=_("New password"),
widget=forms.PasswordInput(attrs={"autocomplete": "new-
password"}),
strip=False,
help_text=password_validation.password_validators_help_text_html(),
)
new_password2 = forms.CharField(
label=_("New password confirmation"),
strip=False,
widget=forms.PasswordInput(attrs={"autocomplete": "new-
password"}),
)
def __init__(self, user, *args, **kwargs):
self.user = user
super().__init__(*args, **kwargs)
def clean_new_password2(self):
password1 = self.cleaned_data.get("new_password1")
password2 = self.cleaned_data.get("new_password2")
if password1 and password2 and password1 != password2:
raise ValidationError(
self.error_messages["password_mismatch"],
code="password_mismatch",
)
password_validation.validate_password(password2, self.user)
return password2
def save(self, commit=True):
password = self.cleaned_data["new_password1"]
self.user.set_password(password)
if commit:
self.user.save()
return self.user
}}}
I can't see this change described anywhere in the 5.1 release note
[https://docs.djangoproject.com/en/5.2/releases/5.1/]
Do I have a blind spot and the change is in fact described in the patch
note ? If it is not, should it be or is it too small of a change to be
part of the release notes?
Personally, it caused some of my tests to fail when I upgraded from 4.2 to
5.2. I had some logic to modify the error messages and it broke because of
the change.
--
Ticket URL: <https://code.djangoproject.com/ticket/36703>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion visit
https://groups.google.com/d/msgid/django-updates/0107019a41f67398-618e5785-06b7-4a0f-8109-75a32e861c07-000000%40eu-central-1.amazonses.com.
