> > Thanks for the Suggestion. > James, in the option that you provided makes the User change the Password of the Logged in user which might turn out to be a costly operation.
Not entirely sure what you mean? If you make the username available to the ModelForm class (either as a field value or a raw value passed in during the ModelForm initialization), then you simply run authenticate() as part of your validation process. Validating within the view ensures that request.user is already available for testing (assuming default middleware). The only time that an extra query would be incurred is if you needed to pull the user object based on the ID in order to grab the username. I wouldn't consider 1 indexed query as 'costly', especially for an operation that would executed relatively infrequently compared to the load generated by the rest of the site (obviously the frequency is dependent on your site traffic levels). I'd implement the easiest way for now and evaluate the whole process if you determine it is a source of stress for your DB, which is unlikely in the short and medium term. -James -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CA%2Be%2BciXwit1fK8yJdFagBnd6JJ6nohoVnnw2KDKbbk3DjY-H_w%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.