class documentation

class PasswordResetTokenGenerator:


Strategy object used to generate and check tokens for the password reset mechanism.
Method __init__ Undocumented
Method _get_secret Undocumented
Method _make_hash_value No summary
Method _make_token_with_timestamp Undocumented
Method _now Undocumented
Method _num_seconds Undocumented
Method _set_secret Undocumented
Method check_token Check that a password reset token is correct for a given user.
Method make_token Return a token that can be used once to do a password reset for the given user.
Class Variable key_salt Undocumented
Class Variable secret Undocumented
Instance Variable _secret Undocumented
Instance Variable algorithm Undocumented
def __init__(self):

Undocumented

def _get_secret(self):

Undocumented

def _make_hash_value(self, user, timestamp):

Hash the user's primary key, email (if available), and some user state that's sure to change after a password reset to produce a token that is invalidated when it's used:

  1. The password field will change upon a password reset (even if the same password is chosen, due to password salting).
  2. The last_login field will usually be updated very shortly after a password reset.

Failing those things, settings.PASSWORD_RESET_TIMEOUT eventually invalidates the token.

Running this data through salted_hmac() prevents password cracking attempts using the reset token, provided the secret isn't compromised.
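A standalone sketch of the invalidation behaviour described above, added here as an example and not the documented class's own implementation. It uses the standard library's hmac in place of salted_hmac(), and the User class, SECRET, KEY_SALT, TIMEOUT values and the token layout are constructed assumptions.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional

SECRET = b"constructed-demo-secret"  # assumption: stands in for the generator's secret
KEY_SALT = b"demo.token.generator"   # assumption: hypothetical key salt
TIMEOUT = 3600                       # assumption: stands in for PASSWORD_RESET_TIMEOUT (seconds)

@dataclass
class User:  # constructed stand-in for a user model
    pk: int
    email: str
    password: str               # stored salted password hash
    last_login: Optional[int]   # epoch seconds, None before first login

def make_hash_value(user, timestamp):
    # State named in the docstring: primary key, email, password field, last_login.
    return f"{user.pk}|{user.password}|{user.last_login}|{timestamp}|{user.email}"

def make_token(user, timestamp):
    # Keyed MAC: without SECRET the token cannot be used to test password guesses.
    key = hashlib.sha256(KEY_SALT + SECRET).digest()
    mac = hmac.new(key, make_hash_value(user, timestamp).encode(), hashlib.sha256)
    return f"{timestamp}-{mac.hexdigest()}"

def check_token(user, token, now):
    try:
        timestamp = int(token.split("-", 1)[0])
    except (AttributeError, ValueError):
        return False
    # Recompute from the user's current state and compare in constant time.
    expected = make_token(user, timestamp)
    if not hmac.compare_digest(expected.encode(), token.encode()):
        return False
    return now - timestamp <= TIMEOUT

def demo():
    user = User(pk=7, email="a@example.com", password="pbkdf2$salt1$hashA", last_login=None)
    token = make_token(user, timestamp=1000)
    results = {"fresh": check_token(user, token, now=1060)}
    results["expired"] = check_token(user, token, now=1000 + TIMEOUT + 1)
    user.last_login = 1100                # a login after the token was issued
    results["after_login"] = check_token(user, token, now=1110)
    user.last_login = None
    user.password = "pbkdf2$salt2$hashB"  # same password, new salt: field still differs
    results["after_reset"] = check_token(user, token, now=1060)
    results["malformed"] = check_token(user, "not-a-token", now=1060)
    return results
```
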

def _make_token_with_timestamp(self, user, timestamp):

Undocumented

def _now(self):

Undocumented

def _num_seconds(self, dt):

Undocumented

def _set_secret(self, secret):

Undocumented

def check_token(self, user, token):

Check that a password reset token is correct for a given user.

def make_token(self, user):

Return a token that can be used once to do a password reset for the given user.

key_salt: str =

Undocumented

secret =

Undocumented

_secret =

Undocumented

algorithm =

Undocumented