Hi, On Wed, Jun 29, 2011 at 18:01, Daniel Moisset <[email protected]>wrote:
> django.auth already provides a password reset mechanism, where users > can get a password reset link. > > So, woudn't this work for you?: > > 1) Create users with a large random password. Destroy every copy of the > password > 2) Use the reset password feature with their email to force it to set > an initial value > > That way you never send them actual passwords, and the only passwords > they can use are the ones they set. > > all of this works with no additional support needed from django > This definitely does work, however, shouldn't this be a bit more easy? To be honest, when would you prefer creating a user for someone with a password that *you* made up, instead of having the person using a password *they* like best? Couldn't we create a button that sends an 'new account created' email, or creates a link to 'activate account'/'pick your password'? This is one of the biggest hurdles I usually have with the admin and giving other people accounts, let alone having somebody not used to django be the superuser or main admin. Tino ps. This function would then use the set_unusable_password method suggested by Shawn of course. -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.
