Djoser | password reset nightmare
I’m using Djoser + Django REST Framework for authentication and I’m getting a little frustrated about the password‑reset flow (JUST A LITTLE 🥲).
My password‑reset emails generates links like: (http://localhost:8000/auth/users/reset_password_confirm/uid/token/)
The problem is that this endpoint expects a POST with the user’s new password, but clicking the link issues a GET, so the request fails immediately.
Most of the solutions I’ve found feel hacky, because they require either:
- Overriding the Djoser view to handle a GET (redirecting to my frontend) and then handling a POST to the same URL to set the new password
- Modifying Djoser’s email templates (which just feels bad to me)
Does anyone know a cleaner way to work around this? Any alternative patterns, suggestions, or insights would be hugely appreciated!