There's a fairly trivial way to do it in Django I think (whether it's still safe to send an email with pw in plaintext is still questionable at best):
Say a user forgot their password and they click some link to reset their password:
Generate the password text, then create an email with that password, send the email, and then store the password, connected to the User object, in the default Django way, which is SHA'd.
The Django builtin functionality is more secure than that. Do not send passwords in email.
You should create a token, and mark the account with it, send the token to the user, and if the user sends the token back to you (at the URL, normally), you let him replace his password. The password itself is never communicated back to the user.
And be sure to destroy the token immediately after the user resets, and also after a reasonable time period regardless if it was used (24hrs seems fine to me).
Otherwise the email could be found later and used to gain access.
I wasn't suggesting to do this and I have never done this, just pointing out that it is technically easy. I don't really know why I got a downvote for that
Say a user forgot their password and they click some link to reset their password:
Generate the password text, then create an email with that password, send the email, and then store the password, connected to the User object, in the default Django way, which is SHA'd.