How to check user typed email is exist in database or not and raise a validationError?

I am implementing Django Password Reset to send a recovery password link when the user type his/her email id using django.contrib.auth.urls, which works as perfectly.

This is from Django Documentation,

If the email address provided does not exist in the system, the user is inactive, or has an unusable password, the user will still be redirected to this view but no email will be sent.

My question is,

how to add EmailValidation to check if the user typed email exists in the database or not and raise ValidationError.

Also from the documentation at:

If the email address provided does not exist in the system, this view won’t send an email, but the user won’t receive any error message either. This prevents information leaking to potential attackers. If you want to provide an error message in this case, you can subclass PasswordResetForm and use the form_class attribute.

(Emphasis mine) If you notice from other sites you may use, this is a common practice. A site generally doesn’t want to advertise what accounts are active - it helps reduce the surface area on which an attack can be made.

1 Like

If you want to add such validation to the password reset form, I suggest not doing it. By validating email address on that form you’re giving potential hackers a valuable information about existence/non-existence of a particular email address in your database.

1 Like

very thanks for your reply

Please help me to solve this issue:How can i get selected value in user update form?

Please reply on this thread if you know:- how can I also show stock message with there location like “Added %s items to stock with %s location”?