This is a very quick tip about how to create a change password view using the built-in PasswordChangeForm.
For that matter, using a function-based view is easier, because the PasswordChangeForm is slightly different.
It does not inherit from ModelForm and it takes an user argument in its constructor.
The example below is a functional code to change the password for the authenticated user.
views.py
from django.contrib import messages
from django.contrib.auth import update_session_auth_hash
from django.contrib.auth.forms import PasswordChangeForm
from django.shortcuts import render, redirect
def change_password(request):
if request.method == 'POST':
form = PasswordChangeForm(request.user, request.POST)
if form.is_valid():
user = form.save()
update_session_auth_hash(request, user) # Important!
messages.success(request, 'Your password was successfully updated!')
return redirect('change_password')
else:
messages.error(request, 'Please correct the error below.')
else:
form = PasswordChangeForm(request.user)
return render(request, 'accounts/change_password.html', {
'form': form
})The messages.success() and messages.error() are optional, but it is a good idea to keep your user aware about what
is going on in the application.
Now an important bit is to call update_session_auth_hash() after you save the form. Otherwise the user’s auth session
will be invalidated and she/he will have to log in again.
urls.py
from django.conf.urls import url
from myproject.accounts import views
urlpatterns = [
url(r'^password/$', views.change_password, name='change_password'),
]change_password.html
<form method="post">
{% csrf_token %}
{{ form }}
<button type="submit">Save changes</button>
</form>
What You Should Know About The Django User Model
How to Implement Grouped Model Choice Field
Advanced Form Rendering with Django Crispy Forms
How to Extend Django User Model
How to Setup a SSL Certificate on Nginx for a Django Application
How to Deploy a Django Application to Digital Ocean