Fix the displayed token expiry values, and use `PASSWORD_RESET_TIMEOU…

…T_DAYS` if it's set. #10
tiborhari · Aug 6, 2023 · b4677ac · b4677ac
1 parent 900bd86
commit b4677ac
Show file tree

Hide file tree

Showing 6 changed files with 23 additions and 16 deletions.
diff --git a/README.rst b/README.rst
@@ -43,7 +43,7 @@ Validation time
 
 The password reset links/tokens, generated by this package, are using the built-in
 Django password reset functionality, and so respect the
-``PASSWORD_RESET_TIMEOUT_DAYS`` setting.
+``PASSWORD_RESET_TIMEOUT`` setting.
 
 Compatibility
 -------------

diff --git a/django_admin_reset/admin.py b/django_admin_reset/admin.py
@@ -1,4 +1,4 @@
-from django import forms
+from django import forms, VERSION
 from django.conf import settings
 from django.contrib import admin
 from django.contrib.admin.utils import unquote
@@ -23,13 +23,17 @@
 UserModel = get_user_model()
 
 
-def _get_password_reset_token_expiry():
-    if hasattr(settings, 'PASSWORD_RESET_TIMEOUT'):
+def _get_password_reset_token_expiry_seconds():
+    if (
+        settings.is_overridden('PASSWORD_RESET_TIMEOUT_DAYS')
+        and not settings.is_overridden('PASSWORD_RESET_TIMEOUT')
+        and VERSION < (4,)
+    ):
+        # Django 3.0-
+        return settings.PASSWORD_RESET_TIMEOUT_DAYS * 60*60*24
+    else:
         # Django 3.1+
         return settings.PASSWORD_RESET_TIMEOUT
-    else:
-        # Django 3.0-
-        return settings.PASSWORD_RESET_TIMEOUT_DAYS
 
 
 class UserCreationForm(forms.ModelForm):
@@ -141,8 +145,11 @@ def password_reset_url(self, request, id, form_url=''):
         return TemplateResponse(
             request,
             'admin/password_reset_url.html',
-            context={'user': user, 'url': url, 'title': _('Password reset'),
-                     'timeout_days': _get_password_reset_token_expiry()})
+            context={
+                'user': user, 'url': url, 'title': _('Password reset'),
+                'timeout_seconds': _get_password_reset_token_expiry_seconds(),
+            },
+        )
 
 
 if admin.site.is_registered(UserModel):

diff --git a/django_admin_reset/locale/hu/LC_MESSAGES/django.po b/django_admin_reset/locale/hu/LC_MESSAGES/django.po
@@ -51,7 +51,7 @@ msgstr ""
 #, python-format
 msgid ""
 "This link can be sent directly to the user (e.g. by email). It's only usable "
-"once, and it expires in <strong>%(timeout_days)s days</strong>."
+"once, and it expires in <strong>%(timeout_seconds)s seconds</strong>."
 msgstr ""
 "Ez a link közvetlenül elküldhető a felhasználónak (pl. email-en). Csak "
-"egyszer használható, és <strong>%(timeout_days)s nap</strong> múlva lejár."
+"egyszer használható, és <strong>%(timeout_seconds)s másodperc</strong> múlva lejár."
diff --git a/django_admin_reset/templates/admin/password_reset_url.html b/django_admin_reset/templates/admin/password_reset_url.html
@@ -12,6 +12,6 @@
 {% blocktrans trimmed with username=user.username %}
   This link can be sent directly to the user (e.g. by email).
   It's only usable once, and it expires in
-  <strong>{{ timeout_days }} days</strong>.
+  <strong>{{ timeout_seconds }} seconds</strong>.
 {% endblocktrans %}
 {% endblock %}
diff --git a/django_admin_reset/tests/password_reset_test.py b/django_admin_reset/tests/password_reset_test.py
@@ -14,7 +14,7 @@
 from django.utils.http import urlsafe_base64_encode
 from pytest import fixture, mark
 
-from django_admin_reset.admin import _get_password_reset_token_expiry
+from django_admin_reset.admin import _get_password_reset_token_expiry_seconds
 
 pytestmark = [mark.django_db]
 
@@ -250,13 +250,13 @@ def test_expired_token(user_idx, logout,
 
     if django.VERSION < (3, 1):
         future_date = date.today() + timedelta(
-            days=_get_password_reset_token_expiry() + 1)
+            days=_get_password_reset_token_expiry_seconds() + 60)
         with patch('django.contrib.auth.tokens.PasswordResetTokenGenerator.'
                    '_today', return_value=future_date):
             assert_invalid_url(client, url, token, [user.pk])
     else:
         future_date = datetime.now() + timedelta(
-            days=_get_password_reset_token_expiry() + 1)
+            days=_get_password_reset_token_expiry_seconds() + 60)
         with patch('django.contrib.auth.tokens.PasswordResetTokenGenerator.'
                    '_now', return_value=future_date):
             assert_invalid_url(client, url, token, [user.pk])

diff --git a/tox.ini b/tox.ini
@@ -28,7 +28,7 @@ basepython = python3.11
 commands =
     pip install -e .[babel]
     pybabel compile --domain django --directory django_admin_reset/locale
-    python setup.py bdist_wheel --universal
+    python setup.py bdist_wheel
 
 [gh-actions]
 python =