DAV-KA/django-dav-events
1
0
Fork 0
Code Issues 24 Pull Requests Actions Releases Wiki Activity

dav_auth: do not reveal that user does not exists on recretate password

Browse Source 
feature
This commit is contained in:
heinzel
2026-05-28 10:40:22 +02:00
parent 9518e2f4c1
commit 656308d1e5
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
dav_auth/views.py
+2
View File
@@ -100,6 +100,8 @@ class CreateAndSendPasswordView(generic.FormView):
logger.info('Password recreated for user \'%s\'', username) logger.info('Password recreated for user \'%s\'', username)
except user_model.DoesNotExist: except user_model.DoesNotExist:
logger.warning('Password recreated for unknown user \'%s\'', username) logger.warning('Password recreated for unknown user \'%s\'', username)
# Pretend we sent an email, so we do not reveal that the user doesn't exist.
messages.success(self.request, _('Neues Passwort versendet.'))
return super().form_valid(form) return super().form_valid(form)