How to organize a user password change at the first login?

S

sazhyk2016-11-22 15:31:29

Django

sazhyk, 2016-11-22 15:31:29

Many people know the principle of working in operating systems, when the system administrator creates a user, assigns him a certain password and indicates that the first time a conscious user logs in to the system, he will be prompted to change the password to a new one. How to implement the same on a site created with Django?
There were thoughts to somehow use the fact that when creating a user through the admin panel, the last_login field in the database is empty. But these are just thoughts. Maybe someone has already implemented something similar. Share your experience. Thank you.

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

K

Kairat, 2016-11-22
@jetkay

As an option:
1. The user registration service generates a new temporary password and sends it by mail + this user has the PwdChangeRequired = true flag set.
2. The user logs in with that temporary password, the system knows who is logged in and checks the flag for true and redirects it to the password change form.
PS: I'm not familiar with Django

S

Saboteur, 2016-11-22
@saboteur_kiev

Usually implemented through password expiration.
That is, you need to store the date the password was changed.