I'd do something like this
{% block title %}Reset Password{% endblock %}
{% block content %}
<p>Please specify your username or email address to receive instructions for resetting it.</p>
<form action="" method="POST">
{% csrf_token %}
{{ form.email.errors }}
<p>{{ form.email.label }}{{ form.email }} <button type="submit">Reset Password</button></p>
</form>
{% endblock %}
In your POST variable you now have an email or a password. You'd have to make a guess if people would use the email or username more. Based on that the following should work
from django.db.models import Q
email = request.POST.get('email, "")
u = User.objects.filter(Q(username=email)|Q(email=email))
if u.count() == 1:
email_address = u[0].email
# now you can send the user an email with instructions
if u.count() < 1:
# invalid username or email
return
if u.count() > 1:
# unlikely but lets account for this anyway. I'll leave this up to you
return
There might be a more elegant way to check for the user, but this way there's essentially only one query and might be quicker than matching email and username individually in try/except blocks. Personally I prefer a filter/count way of checking rather than try/except, but thats besides the point.