Django (v3.1) PASSWORD RESET LINK: AssertionError at line 260 of django/contrib/auth/views.py assert

Posted 2023-02-23

【中文标题】Django (v3.1) PASSWORD RESET LINK: AssertionError at line 260 of django/contrib/auth/views.py assert \'uidb64\' in kwargs and \'token\' in kwargs

【英文标题】：Django (v3.1) PASSWORD RESET LINK: AssertionError at line 260 of django/contrib/auth/views.py assert 'uidb64' in kwargs and 'token' in kwargsDjango (v3.1) PASSWORD RESET LINK: AssertionError at line 260 of django/contrib/auth/views.py assert 'uidb64' in kwargs and 'token' in kwargs

【发布时间】：2022-01-09 00:55:58

【问题描述】：

单击 Django 3.1.2 中的密码重置链接时，我无法通过断言错误。我让 Django 在 Docker 容器中运行。

电子邮件链接似乎是正确的，因为它使用了正确的域“localhost”。但是，单击链接后，错误消息将域 'localhost' 替换为 'Django:8000'。

html 文件

password_reset_email.html

% load i18n %% autoescape off %
% trans "You're receiving this e-mail because you requested a password reset" %
% blocktrans %for your user account at  site_name % endblocktrans %.

% trans "Please go to the following page and choose a new password:" %
% block reset_link %
 protocol :// domain % url 'password_reset_confirm' uidb36=uid token=token %
% endblock %
% trans "Your username, in case you've forgotten:" %  user.username 

% trans "Thanks for using our site!" %

% blocktrans %The Super Awesome team% endblocktrans %

% endautoescape %

password_reset_confirm.html

% extends "admin/base_site.html" %
% load i18n %

% block breadcrumbs %<div class="breadcrumbs"><a href="/">% trans 'Home' %</a> &rsaquo; % trans 'Password reset confirmation' %</div>% endblock %

% block title %% trans 'Password reset' %% endblock %

% block content %

% if validlink %

<h1>% trans 'Enter new password' %</h1>

<p>% trans "Please enter your new password twice so we can verify you typed it in correctly." %</p>

<form action="" method="post">
 form.new_password1.errors 
<p class="aligned wide"><label for="id_new_password1">% trans 'New password:' %</label> form.new_password1 </p>
 form.new_password2.errors 
<p class="aligned wide"><label for="id_new_password2">% trans 'Confirm password:' %</label> form.new_password2 </p>
<p><input type="submit" value="% trans 'Change my password' %" /></p>
</form>

% else %

<h1>% trans 'Password reset unsuccessful' %</h1>

<p>% trans "The password reset link was invalid, possibly because it has already been used.  Please request a new password reset." %</p>

% endif %

% endblock %

网址脚本：

urls.py

auth_patterns = 
[
    path('password_reset/', auth_views.PasswordResetView.as_view(), name='password_reset'),
    re_path(r'^password_reset/(?P<uidb36>[0-9A-Za-z]+)-(?P<token>.+)/$', auth_views.PasswordResetConfirmView.as_view(), name='password_reset_confirm'),

]

完整的错误回溯：

Environment:


Request Method: GET
Request URL: https://django:8000/accounts/password_reset/mjq5-ax0zta-7bba9cbeb8c411bfd0dcdee5d5ae10a6/

Django Version: 3.1.2
Python Version: 3.8.10
Installed Applications:
('django.contrib.auth',
 'django.contrib.contenttypes',
 'django.contrib.messages',
 'django.contrib.sessions',
 'django.contrib.staticfiles',
 'django.contrib.admin',
 'django.contrib.sites',
 'formtools',
 'django_extensions',
 'template_utils',
 'countries',
 'pagination',
 'seeker',
 )
Installed Middleware:
('django.middleware.common.CommonMiddleware',
 'django.contrib.sessions.middleware.SessionMiddleware',
 'django.middleware.csrf.CsrfViewMiddleware',
 'django.contrib.auth.middleware.AuthenticationMiddleware',
 'pagination.middleware.PaginationMiddleware',
 'django.contrib.messages.middleware.MessageMiddleware',
 'disc.middleware.LowerCaseMiddleware')



Traceback (most recent call last):
  File "/root/.local/lib/python3.8/site-packages/django/core/handlers/exception.py", line 47, in inner
    response = get_response(request)
  File "/root/.local/lib/python3.8/site-packages/django/core/handlers/base.py", line 179, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File "/root/.local/lib/python3.8/site-packages/django/views/generic/base.py", line 70, in view
    return self.dispatch(request, *args, **kwargs)
  File "/root/.local/lib/python3.8/site-packages/django/utils/decorators.py", line 43, in _wrapper
    return bound_method(*args, **kwargs)
  File "/root/.local/lib/python3.8/site-packages/django/views/decorators/debug.py", line 89, in sensitive_post_parameters_wrapper
    return view(request, *args, **kwargs)
  File "/root/.local/lib/python3.8/site-packages/django/utils/decorators.py", line 43, in _wrapper
    return bound_method(*args, **kwargs)
  File "/root/.local/lib/python3.8/site-packages/django/views/decorators/cache.py", line 44, in _wrapped_view_func
    response = view_func(request, *args, **kwargs)
  File "/root/.local/lib/python3.8/site-packages/django/contrib/auth/views.py", line 260, in dispatch
    assert 'uidb64' in kwargs and 'token' in kwargs

Exception Type: AssertionError at /accounts/password_reset/mjq5-ax0zta-7bba9cbeb8c411bfd0dcdee5d5ae10a6/
Exception Value: 

docker-compose.yml

version: '3'

services:
  django:
    shm_size: 1g
    build:
      context: .
      dockerfile: docker/django.dockerfile
    env_file:
      - .env
    expose:
      - "8000"
    ports:
      - "10080:8000"
    volumes:
      - ./run/django/data:/opt/data
      - ./run/django/settings:/opt/settings
      - ./media/:/media
      - ./run/django/logs:/opt/logs
      - /var/run/docker.sock:/var/run/docker.sock
    healthcheck:
      test: ["CMD", "curl", "-sf", "localhost:8000", "-o", "/dev/null"]
      interval: 180s
      timeout: 10s
      retries: 3

  nginx:
    build:
      context: docker/nginx
      dockerfile: nginx.dockerfile
    shm_size: 512m
    environment:
      - SSL_CERTIFICATE=$SSL_CERTIFICATE
      - DEPLOYMENT_DNS="$DEPLOYMENT_DNS:-localhost"
    ports:
      - "$DISC_HTTP_PORT:-80:80"
      - "$DISC_HTTPS_PORT:-443:443"
    volumes:
      - "$CREDENTIALS_PATH:-./run/nginx/credentials:/credentials"
      - "$LETSENCRYPT_CONFIG_PATH:-./run/nginx/letsencrypt/config:/etc/letsencrypt"
      - "$LETSENCRYPT_DATA_PATH:-./run/nginx/letsencrypt/data:/data/letsencrypt"
      - ./static:/static
      - ./media/:/media
    healthcheck:
      test: ["CMD", "curl", "-sf", "--header", "Host: healthcheck.local", "localhost:80", "-o", "/dev/null"]
      interval: 180s
      timeout: 10s
      retries: 3
    depends_on:
      - django

【问题讨论】：

也可以使用docker配置

【参考方案1】：

这个 AssertionError 是由 password_reset_confirm 调用 uidb36 的链接中的 url 模式导致的，而文件“/root/.local/lib/python3.8/site-packages/django/contrib/auth/views.py”中的第 260 行"，是专门找一个uidb64编码的。 uidb36 编码是由于该项目年代久远而产生的遗留片段，多年来一直在定期升级......

> 260 行： assert 'uidb64' in kwargs and 'token' in kwargs

> 更正了 password_reset_confirm 的链接： re_path(r'^password_reset/(?P<uidb64>[0-9A-Za-z]+)-(?P<token>.+)/$', auth_views.PasswordResetConfirmView.as_view(), name='password_reset_confirm'),

注意，将密码重置确认链接更改为uidb64后，如​​下图，邮件链接中也要进行相应更改： protocol :// domain % url 'password_reset_confirm' uidb64=uid token=token %