Override admin password reset functionality to do more/other actions?

Hi All,

I wrote an internal app using the third party package django-auth-ldap to authenticate users against my Active Directory instance. (this works!)

Users keep trying to reset their AD/LDAP password from the admin page (“change password”), but this does nothing except set a password on the account stub.(the ldap account is used to authenticate the user, it only checks taht a local account with the same username is present, all other checks are done via the ldap filter (I’m using django’s built-in User with a one to one Profile for other attributes, no custom user here).

It looks like I need to change the behavior of django.contrib.auth.view’s change_password() function, but i don’t know how to do that without just changing the code in the django install(obviously not a good move). when i do change it there, i insert a try:execpt: after the save() call, so i know in theory this works, but how can i do this for the admin site properly? (aka in a way that doesn’t break when i upgrade django).

Thanks!
(edited for specificity)

Hi Everyone,
this SO post: tells me that i was on the right track. If i replace just the urls for change_password and change_password_done, i can do something like this to accomplish my goal:

# arbitrary views.py file, also updates urls.py as in the linked SO. 
from django.contrib.auth.views import PasswordChangeView
from django.contrib.auth import update_session_auth_hash
from django.urls import reverse_lazy


class MyPasswordChangeView(PasswordChangeView):
    success_url = reverse_lazy("password_change_done")

    def form_valid(self, form):
        form.save()
        # do my thing with ldap here: 
        print("OKIEDOKIE COWBOY")

        update_session_auth_hash(self.request, form.user)
        return super().form_valid(form)

hope this helps someone!