Allow nullable/blank fields, fix header values

anexia-it · Aug 2, 2019 · df8e677 · df8e677
1 parent 96e2341
commit df8e677
Show file tree

Hide file tree

Showing 3 changed files with 35 additions and 6 deletions.
diff --git a/django_rest_passwordreset/migrations/0003_allow_blank_and_null_fields.py b/django_rest_passwordreset/migrations/0003_allow_blank_and_null_fields.py
@@ -0,0 +1,25 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.11.20 on 2019-08-02 12:39
+from __future__ import unicode_literals
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('django_rest_passwordreset', '0002_pk_migration'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='resetpasswordtoken',
+            name='ip_address',
+            field=models.GenericIPAddressField(blank=True, default='', null=True, verbose_name='The IP address of this session'),
+        ),
+        migrations.AlterField(
+            model_name='resetpasswordtoken',
+            name='user_agent',
+            field=models.CharField(blank=True, default='', max_length=256, verbose_name='HTTP User Agent'),
+        ),
+    ]
diff --git a/django_rest_passwordreset/models.py b/django_rest_passwordreset/models.py
@@ -61,12 +61,15 @@ def generate_key():
 
     ip_address = models.GenericIPAddressField(
         _("The IP address of this session"),
-        default="127.0.0.1"
+        default="",
+        blank=True,
+        null=True,
     )
     user_agent = models.CharField(
         max_length=256,
         verbose_name=_("HTTP User Agent"),
-        default=""
+        default="",
+        blank=True,
     )
 
     def save(self, *args, **kwargs):

diff --git a/django_rest_passwordreset/views.py b/django_rest_passwordreset/views.py
@@ -23,6 +23,9 @@
     'reset_password_request_token'
 ]
 
+HTTP_USER_AGENT_HEADER = getattr(settings, 'DJANGO_REST_PASSWORDRESET_HTTP_USER_AGENT_HEADER', 'HTTP_USER_AGENT')
+HTTP_IP_ADDRESS_HEADER = getattr(settings, 'DJANGO_REST_PASSWORDRESET_IP_ADDRESS_HEADER', 'REMOTE_ADDR')
+
 
 class ResetPasswordConfirm(GenericAPIView):
     """
@@ -140,10 +143,8 @@ def post(self, request, *args, **kwargs):
                     # no token exists, generate a new token
                     token = ResetPasswordToken.objects.create(
                         user=user,
-                        user_agent=request.META.get('HTTP_USER_AGENT',
-                                                    getattr(settings, 'DJANGO_REST_PASSWORDRESET_HTTP_USER_AGENT', '')),
-                        ip_address=request.META.get('REMOTE_ADDR',
-                                                    getattr(settings, 'DJANGO_REST_PASSWORDRESET_REMOTE_ADDR', ''))
+                        user_agent=request.META.get(HTTP_USER_AGENT_HEADER, ''),
+                        ip_address=request.META.get(HTTP_IP_ADDRESS_HEADER, ''),
                     )
                 # send a signal that the password token was created
                 # let whoever receives this signal handle sending the email for the password reset