+ def password_reset_confirm(self, request, extra_context=None, uidb36=None, token=None, token_generator=password_token_generator):
+ """
+ Checks that a given hash in a password reset link is valid. If so,
+ displays the password set form.
+ """
+ assert uidb36 is not None and token is not None
+ try:
+ uid_int = base36_to_int(uidb36)
+ except:
+ raise Http404
+
+ user = get_object_or_404(User, id=uid_int)
+
+ if token_generator.check_token(user, token):
+ if request.method == 'POST':
+ form = SetPasswordForm(user, request.POST)
+
+ if form.is_valid():
+ form.save()
+ messages.add_message(request, messages.SUCCESS, "Password reset successful.")
+ return HttpResponseRedirect(self.reverse('login', node=request.node))
+ else:
+ form = SetPasswordForm(user)
+
+ context = self.get_context()
+ context.update(extra_context or {})
+ context.update({
+ 'form': form
+ })
+ return self.password_set_page.render_to_response(request, extra_context=context)
+
+ raise Http404
+
+ def password_change(self, request, extra_context=None):
+ if request.method == 'POST':
+ form = PasswordChangeForm(request.user, request.POST)
+ if form.is_valid():
+ form.save()
+ messages.add_message(request, messages.SUCCESS, 'Password changed successfully.', fail_silently=True)
+ return HttpResponseRedirect('')
+ else:
+ form = PasswordChangeForm(request.user)
+
+ context = self.get_context()
+ context.update(extra_context or {})
+ context.update({
+ 'form': form
+ })
+ return self.password_change_page.render_to_response(request, extra_context=context)