Disabled password reset and left message notifying user of problem. In response to CVE-2019-19844

2026-01-26 01:42:16 +00:00 · 2020-01-17 12:29:15 +00:00
parent 4ad12ab40a
commit b5e61adde5
3 changed files with 13 additions and 1 deletions
--- a/RIGS/urls.py
+++ b/RIGS/urls.py
@@ -19,7 +19,7 @@ urlpatterns = [
    url('^user/login/$', views.login, name='login'),
    url('^user/login/embed/$', xframe_options_exempt(views.login_embed), name='login_embed'),

-    url(r'^user/password_reset/$', password_reset, {'password_reset_form': forms.PasswordReset}),
+    url(r'^user/password_reset/$', views.PasswordResetDisabled.as_view()),

    # People
    url(r'^people/$', permission_required_with_403('RIGS.view_person')(views.PersonList.as_view()),