[Django] #31978: Include hidden username field on password reset to help password managers

[Django]

#31978: Include hidden username field on password reset to help password managers
-------------------------------------------+------------------------
Reporter: Collin Anderson | Owner: nobody
Type: New feature | Status: new
Component: contrib.auth | Version: master
Severity: Normal | Keywords:
Triage Stage: Unreviewed | Has patch: 1
Needs documentation: 0 | Needs tests: 0
Patch needs improvement: 0 | Easy pickings: 0
UI/UX: 0 |
-------------------------------------------+------------------------
Include hidden username field on password reset to help password managers

https://github.com/django/django/pull/13327

--
Ticket URL: <https://code.djangoproject.com/ticket/31978>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

[Django]

#31978: Include hidden username field on password reset to help password managers

---------------------------------+--------------------------------------

Reporter: Collin Anderson | Owner: nobody
Type: New feature | Status: new
Component: contrib.auth | Version: master

Severity: Normal | Resolution:

Keywords: | Triage Stage: Unreviewed
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0

---------------------------------+--------------------------------------
Changes (by Collin Anderson):

* cc: Collin Anderson (added)

--
Ticket URL: <https://code.djangoproject.com/ticket/31978#comment:1>

[Django]

#31978: Include hidden username field on password reset to help password managers

-------------------------------------+-------------------------------------
Reporter: Collin Anderson | Owner: Collin
Type: | Anderson
Cleanup/optimization | Status: assigned
Component: contrib.admin | Version: master
Severity: Normal | Resolution:
Keywords: | Triage Stage: Accepted

Has patch: 1 | Needs documentation: 0

Needs tests: 1 | Patch needs improvement: 0

Easy pickings: 0 | UI/UX: 0

-------------------------------------+-------------------------------------
Changes (by felixxm):

* status: new => assigned
* component: contrib.auth => contrib.admin
* needs_tests: 0 => 1
* owner: nobody => Collin Anderson
* type: New feature => Cleanup/optimization
* stage: Unreviewed => Accepted

Comment:

Sounds reasonable.

--
Ticket URL: <https://code.djangoproject.com/ticket/31978#comment:2>

[Django]

#31978: Include hidden username field on password reset to help password managers

-------------------------------------+-------------------------------------
Reporter: Collin Anderson | Owner: Collin
Type: | Anderson
Cleanup/optimization | Status: assigned
Component: contrib.admin | Version: master
Severity: Normal | Resolution:

Keywords: | Triage Stage: Ready for
| checkin

Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0

-------------------------------------+-------------------------------------
Changes (by felixxm):

* needs_tests: 1 => 0
* stage: Accepted => Ready for checkin

--
Ticket URL: <https://code.djangoproject.com/ticket/31978#comment:3>

[Django]

#31978: Include hidden username field on password reset to help password managers

-------------------------------------+-------------------------------------
Reporter: Collin Anderson | Owner: Collin
Type: | Anderson

Cleanup/optimization | Status: closed
Component: contrib.admin | Version: master
Severity: Normal | Resolution: fixed

Keywords: | Triage Stage: Ready for
| checkin

Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0

-------------------------------------+-------------------------------------
Changes (by Mariusz Felisiak <felisiak.mariusz@…>):

* status: assigned => closed
* resolution: => fixed

Comment:

In [changeset:"daa26acc4e7f134e064c5a6abe4d335f6fa8b249" daa26ac]:
{{{
#!CommitTicketReference repository=""
revision="daa26acc4e7f134e064c5a6abe4d335f6fa8b249"
Fixed #31978 -- Added username hint to admin's password reset confirmation
form.
}}}

--
Ticket URL: <https://code.djangoproject.com/ticket/31978#comment:4>

[Django]

#31978: Include hidden username field on password reset to help password managers

-------------------------------------+-------------------------------------
Reporter: Collin Anderson | Owner: Collin
Type: | Anderson
Cleanup/optimization | Status: closed
Component: contrib.admin | Version: master
Severity: Normal | Resolution: fixed
Keywords: | Triage Stage: Ready for
| checkin

Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0

-------------------------------------+-------------------------------------

Comment (by Jaap Roes):

I just came across this by chance and noticed that `<input style="display:
none;" autocomplete="username" value="{{ form.user.username }}">` is used
in the template. Shouldn't `form.user.get_username` be used here? In my
custom `User` model the username field is ommited, only `email` exists,
and `User.USERNAME_FIELD` is set to `email`.

--
Ticket URL: <https://code.djangoproject.com/ticket/31978#comment:5>

[Django]

#31978: Include hidden username field on password reset to help password managers

-------------------------------------+-------------------------------------
Reporter: Collin Anderson | Owner: Collin
Type: | Anderson

Cleanup/optimization | Status: new
Component: contrib.admin | Version: master
Severity: Release blocker | Resolution:

Keywords: | Triage Stage: Ready for
| checkin

Has patch: 1 | Needs documentation: 0

Needs tests: 0 | Patch needs improvement: 1

Easy pickings: 0 | UI/UX: 0

-------------------------------------+-------------------------------------
Changes (by Collin Anderson):

* status: closed => new
* needs_better_patch: 0 => 1
* resolution: fixed =>
* severity: Normal => Release blocker

Comment:

My bad. That sounds right, this will break for anyone who has a custom
USERNAME_FIELD.

--
Ticket URL: <https://code.djangoproject.com/ticket/31978#comment:6>

[Django]

#31978: Include hidden username field on password reset to help password managers

-------------------------------------+-------------------------------------
Reporter: Collin Anderson | Owner: Collin

| Anderson
Type: Bug | Status: new

Component: contrib.admin | Version: master
Severity: Release blocker | Resolution:

Keywords: | Triage Stage: Accepted

Has patch: 1 | Needs documentation: 0

Needs tests: 0 | Patch needs improvement: 1

Easy pickings: 0 | UI/UX: 0

-------------------------------------+-------------------------------------
Changes (by Collin Anderson):

* type: Cleanup/optimization => Bug
* stage: Ready for checkin => Accepted

--
Ticket URL: <https://code.djangoproject.com/ticket/31978#comment:7>

[Django]

#31978: Include hidden username field on password reset to help password managers

-------------------------------------+-------------------------------------
Reporter: Collin Anderson | Owner: Mariusz
| Felisiak
Type: Bug | Status: assigned

Component: contrib.admin | Version: master
Severity: Release blocker | Resolution:
Keywords: | Triage Stage: Accepted

Has patch: 1 | Needs documentation: 0

Needs tests: 0 | Patch needs improvement: 1

Easy pickings: 0 | UI/UX: 0

-------------------------------------+-------------------------------------
Changes (by Mariusz Felisiak):

* owner: Collin Anderson => Mariusz Felisiak

* status: new => assigned

--
Ticket URL: <https://code.djangoproject.com/ticket/31978#comment:8>

[Django]

#31978: Include hidden username field on password reset to help password managers

-------------------------------------+-------------------------------------
Reporter: Collin Anderson | Owner: Mariusz
| Felisiak
Type: Bug | Status: assigned
Component: contrib.admin | Version: master
Severity: Release blocker | Resolution:
Keywords: | Triage Stage: Accepted

Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0

-------------------------------------+-------------------------------------
Changes (by Mariusz Felisiak):

* needs_better_patch: 1 => 0

Comment:

[https://github.com/django/django/pull/13730 PR]

--
Ticket URL: <https://code.djangoproject.com/ticket/31978#comment:9>

[Django]

#31978: Include hidden username field on password reset to help password managers

-------------------------------------+-------------------------------------
Reporter: Collin Anderson | Owner: Mariusz
| Felisiak
Type: Bug | Status: assigned
Component: contrib.admin | Version: master
Severity: Release blocker | Resolution:
Keywords: | Triage Stage: Accepted

Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0

-------------------------------------+-------------------------------------

Comment (by Mariusz Felisiak <felisiak.mariusz@…>):

In [changeset:"3828427f634e1880467689e4cf0f8ffee95f0d05" 3828427f]:
{{{
#!CommitTicketReference repository=""
revision="3828427f634e1880467689e4cf0f8ffee95f0d05"
Refs #31978 -- Fixed hint in admin's password reset confirmation form for
custom username fields.

Thanks Jaap Roes for the report.
}}}

--
Ticket URL: <https://code.djangoproject.com/ticket/31978#comment:10>

[Django]

#31978: Include hidden username field on password reset to help password managers

-------------------------------------+-------------------------------------
Reporter: Collin Anderson | Owner: Mariusz
| Felisiak

Type: Bug | Status: closed
Component: contrib.admin | Version: master
Severity: Release blocker | Resolution: fixed
Keywords: | Triage Stage: Accepted

Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0

-------------------------------------+-------------------------------------
Changes (by Mariusz Felisiak):

* status: assigned => closed
* resolution: => fixed

--
Ticket URL: <https://code.djangoproject.com/ticket/31978#comment:11>