mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-08-04 19:08:28 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Fixed #27891 -- Added PasswordResetConfirmView.post_reset_login_backend.

Browse source
This commit is contained in:
Camilo Nova 2017-03-07 19:52:26 -05:00 committed by Tim Graham
parent 72ff9d53e6
commit 5db465d5a6
5 changed files with 35 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
docs/releases/1.11.txt
View file

@ -118,6 +118,8 @@ Minor features
* The new ``post_reset_login`` attribute for
:class:`~django.contrib.auth.views.PasswordResetConfirmView` allows
automatically logging in a user after a successful password reset.
If you have multiple ``AUTHENTICATION_BACKENDS`` configured, use the
``post_reset_login_backend`` attribute to choose which one to use.
* To avoid the possibility of leaking a password reset token via the HTTP
Referer header (for example, if the reset page includes a reference to CSS or