Django: Getting Started Transcripts
Chapter: Users and Account Management
Lecture: Django and email

Login or purchase this course to watch this video and the rest of the course contents.
0:00 The password reset utility sends the user a one time link via email to reset their password. That of course means Django needs to send email.
0:12 There's a whole module that does email stuff for you. This is built around a main entry point which is a function called send email.
0:21 To implement the password reset. You don't need to know about that. Just that the built in reset view uses it.
0:27 You do need to configure Django to send email though. Django supports multiple back ends for how to handle an email message they include SMTP.
0:38 This is kind of the obvious one. This is how real email is sent.
0:43 In production, you would configure this to point at an SMTP server that can actually send the mail
0:47 The other back ends are useful for debugging purposes. The console back in prints whatever you would have mailed to the console in the
0:56 DEV server window, this is the most useful one when you're debugging your site. The file back end saves each message as a file.
1:04 The in memory back end keeps all the messages in an object in a module You can then access that module from your code.
1:12 This is useful if you're writing unit tests, you write test code that verifies the right content was sent by directly accessing that object
1:21 in your assertions, and finally dummy is a dumping ground, you can send anything you want to it, it just ignores it.
1:29 If none of these are good enough for your needs you can write your own. Django is pluggable all the way through.
1:38 The last bit of user account management you need is to handle password resets. But process is multiple steps and goes like this.
1:46 The user clicks a link requesting a reset. Typically on the login page this shows them the password reset form.
1:53 On this form they have to type in their email address. If no matching addresses found, Django does nothing.
2:00 This is intentional. You don't want nefarious actors knowing who has an account and who
2:05 doesn't on your system by typing random email addresses into your reset form. If a matching email is found, the reset view sends the email.
2:15 That email is based on a template that you define. This allows you to style the reset message as well as your pages.
2:23 Inside of that email is a one time link that the user uses to actually do the reset. After the user has requested the reset.
2:32 Their sent to the reset done page. This isn't the reset having been performed. This is just to indicate that the email was sent.
2:42 The one time link in the email goes to the reset form. This is the form where the user actually creates a new password.
2:49 Spoiler alert, new password one and new password two are in your near future And finally with that all done a new password is set and the reset
3:00 complete page tells the user that they've successfully performed a password reset.

Talk Python's Mastodon Michael Kennedy's Mastodon