🔄 Implementing Password Reset via Email in Django (Step-by-Step)
🔐 Mini-Series Reference
This is Part 4 of our Django Authentication Mini-Series:
🔄 Password Reset via Email (You are here)
Introduction
Password reset functionality is essential for any user-based application. Django provides built-in views and forms to handle this securely.
This post will guide you through configuring and customizing password reset emails and workflows in your Django app.
Step 1: Configure Email Backend
For development, use the console backend (prints emails to console):
# settings.py
EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
DEFAULT_FROM_EMAIL = 'noreply@yourdomain.com'
For production, configure SMTP backend (e.g., Gmail, SendGrid).
Step 2: Add URL Patterns for Password Reset
In your accounts/urls.py:
from django.urls import path
from django.contrib.auth import views as auth_views
urlpatterns = [
# Password reset URLs
path('password_reset/', auth_views.PasswordResetView.as_view(template_name='accounts/password_reset_form.html'), name='password_reset'),
path('password_reset_done/', auth_views.PasswordResetDoneView.as_view(template_name='accounts/password_reset_done.html'), name='password_reset_done'),
path('reset/<uidb64>/<token>/', auth_views.PasswordResetConfirmView.as_view(template_name='accounts/password_reset_confirm.html'), name='password_reset_confirm'),
path('reset_done/', auth_views.PasswordResetCompleteView.as_view(template_name='accounts/password_reset_complete.html'), name='password_reset_complete'),
]
Step 3: Create Templates
Create the following templates in templates/accounts/:
password_reset_form.html
<h2>Reset Password</h2>
<form method="post">
{% csrf_token %}
{{ form.as_p }}
<button type="submit">Send Reset Email</button>
</form>
password_reset_done.html
<p>An email has been sent with instructions to reset your password.</p>
password_reset_confirm.html
<h2>Set New Password</h2>
<form method="post">
{% csrf_token %}
{{ form.as_p }}
<button type="submit">Reset Password</button>
</form>
password_reset_complete.html
<p>Your password has been reset successfully! You can now <a href="{% url 'login' %}">log in</a>.</p>
Step 4: Customize Password Reset Email Template (Optional)
Create registration/password_reset_email.html (this path is required):
{% autoescape off %}
Hi {{ user.get_full_name|default:user.email }},
You're receiving this email because you requested a password reset for your account.
Please go to the following link and set your new password:
{{ protocol }}://{{ domain }}{% url 'password_reset_confirm' uidb64=uid token=token %}
If you didn’t request this, please ignore this email.
Thanks,
Your Website Team
{% endautoescape %}
Step 5: Test the Flow
-
Visit
/password_reset/ -
Enter your email and submit
-
Check console (in dev) for email with reset link
-
Click link, set new password
-
Verify you can log in with new password
Conclusion
You’ve successfully added a secure password reset feature to your Django app with minimal effort by leveraging Django’s built-in auth views.
This completes our Django Authentication Mini-Series! You now have a solid foundation for user management, including custom users, email verification, profiles, and password reset.
Thank you for your patience! keep learning...