These are chat archives for django/django

2nd
Apr 2018
:]
@elcolie
Apr 02 2018 10:22
Hi
I have a problem with django-push-notification
Anybody here has expericen on this?
:]
@elcolie
Apr 02 2018 10:48
jazzband/django-push-notifications#461
Miracle Ayodele
@iammiracle
Apr 02 2018 12:46
@badcoder28 the app is more like an admin adding users, not that users have access to signup, its just like an employee that needs to be added to the system, you know he does not have access to add himself to the database of the company, an admin does that, and a password is generated on his behalf then he can change it later to whatever password he chooses
Roel
@roelzkie15
Apr 02 2018 13:30

@iammiracle It is still the same concept, a person/admin/user can register/add employee with temporary password and simply add a signal on post_save method of employee model where you can write a logic of sending the temp pw via email. So an employee can access your app and change the their password accordingly.

But usually you just only need to send an email with url containing a hash (with expiration date/time) a link to their profile settings where they can change their password immediately else the hash will not work anymore in another visit depend to the expiration date/time defined. I think this is more secure and standard way.

Miracle Ayodele
@iammiracle
Apr 02 2018 13:33
@badcoder28 i get your point, i used something like password1 = User.objects.make_random_password() which will certainly be sent to the email of the registered person with a link in case he/she wants to change the password
Roel
@roelzkie15
Apr 02 2018 13:34
yes that is right but i prefer the hash url way
Miracle Ayodele
@iammiracle
Apr 02 2018 13:35
what i am just bothered with is, if password field is not found in the template, i will have problem saving the form
i have to put something in the field before the make_random_password can even save
even tho the entered one in the template is not saved
Roel
@roelzkie15
Apr 02 2018 13:37
not a problem if you have a form with new password / confirm password for that page.
i assume you are already familiar how forms work on django
Miracle Ayodele
@iammiracle
Apr 02 2018 13:38
yes...i know
i was just wondering if there is a way to bypass that
Roel
@roelzkie15
Apr 02 2018 13:39
You can just simply add a temporary password like i said, just let the employee change it after he successfully access your app.
Miracle Ayodele
@iammiracle
Apr 02 2018 13:53
okay..thanks @badcoder28
Umar Sohail
@UMAR-SOHAIL
Apr 02 2018 20:31
Hey what many
Hey what many to many field does??