Forgotten Password In Django

Turns out that there are plenty of useful features in the Django admin that I never thought about.

The other day I found the last task of a project of mine was adding the “Forgotten password” feature. It’s basically a standard task included in every users-related project, but the whole process requires few interactions:

  1. clicking ‘forgotten password’ link
  2. writing user email where the password should be send to
  3. verifying email against users database
  4. sending confirmation link
  5. confirming link
  6. choosing password
  7. resetting password

The whole 7-steps list (with UI and backend communications) could be boring and time wasting (usually).

That’s where Django’s templates and integrated behavior comes as a super hero.

Copy all necessary templates from your Django installation

There are few templates that you need to copy from your Django installation. You can find them in your DJANGO_PATH/contrib/admin/templates/registration. You can copy all password-related templates to your templates directory inĀ admin/registration folder.

Some URL paths have to be added to your file. That’s a sample of mine with the following URLs:


    url(r'^registration/(?P<municipality_id>\d+)$', proposal, name='proposal'),
    url(r'^login_teacher$', 'django.contrib.auth.views.login', {'template_name': 'view_school_upload.html'}),
    url(r'^password_reset$', 'django.contrib.auth.views.password_reset', {'template_name': 'admin/registration/password_reset_form.html', 'email_template_name':'admin/registration/password_reset_email.html'}),
    url(r'^password_reset_done$', 'django.contrib.auth.views.password_reset_done', {'template_name': 'admin/registration/password_reset_done.html'}),
    url(r'^password_reset_confirm/(?P[0-9A-Za-z]+)-(?P.+)$', 'django.contrib.auth.views.password_reset_confirm', {'template_name': 'admin/registration/password_reset_confirm.html'}),
    url(r'^password_reset_complete$', 'django.contrib.auth.views.password_reset_complete', {'template_name': 'admin/registration/password_reset_complete.html'}),


The only one taking parameters is the reset confirm one. Most urls are paramless, but you need to pass the user ID and the hashed value for the confirmation link.

After you’ve added all the templates with the right paths and set all urls, you could just navigate your forgotten password link:

{% trans 'forgot your password' %}

P.S. The whole template pack supports multilingual behavior so after adding the templates, you can run makemessages in order to translate the strings in your language.

Note: in some versions (such as 1.1.1) of Django there is problem with the emailing template. At line 7, remove the named parameters when calling password_reset_confirm view and alter the call only passing values:

{{ protocol }}://{{ domain }}{% url django.contrib.auth.views.password_reset_confirm uid, token %}

2 thoughts on “Forgotten Password In Django

  1. Is there a reason to copy the templates? It works for me without that step. If the admin templates are already in your template search path, and you’re not going to change them, it doesn’t make sense to just copy them.

  2. The reason I copy the templates locally is the i18n feature – I use makemessages to create a list with static texts to be translated. My application is using 4 different languages so I need to crawl all the pages and translate when necessary.

    Also my email template has bug when talking about Django 1.1.1 and it needs a small modification.

Your thoughts?