Features: 1) Add response logging of received serializer data in debug mode for enhanced error diagnostics;

Fixes: 1) Resolve inconsistent variable usage in `confirm_password_reset` by replacing `data` with `serializer_data` across the method; Extra: 1) Minor cleanup for improved clarity and maintainability.
2025-05-29 22:28:36 +03:00 · 2025-05-29 22:28:36 +03:00 · 73b1e99dc1
commit 73b1e99dc1
parent d3e9775d54
1 changed files with 7 additions and 5 deletions
--- a/vibes_auth/viewsets.py
+++ b/vibes_auth/viewsets.py
@ -65,23 +65,24 @@ class UserViewSet(
    @action(detail=False, methods=["post"])
    @method_decorator(ratelimit(key="ip", rate="2/h" if not DEBUG else "888/h"))
    def confirm_password_reset(self, request, *args, **kwargs):
+        serializer_data = None
        try:
-            data = ConfirmPasswordResetSerializer(request.data).data
+            serializer_data = ConfirmPasswordResetSerializer(request.data).data

-            if not compare_digest(data.get("password"), data.get("confirm_password")):
+            if not compare_digest(data.get("password"), serializer_data.get("confirm_password")):
                return Response(
                    {"error": _("passwords do not match")},
                    status=status.HTTP_400_BAD_REQUEST,
                )

-            uuid = urlsafe_base64_decode(data.get("uidb64")).decode()
+            uuid = urlsafe_base64_decode(serializer_data.get("uidb64")).decode()
            user = User.objects.get(pk=uuid)

            password_reset_token = PasswordResetTokenGenerator()
-            if not password_reset_token.check_token(user, data.get("token")):
+            if not password_reset_token.check_token(user, serializer_data.get("token")):
                return Response({"error": _("token is invalid!")}, status=status.HTTP_400_BAD_REQUEST)

-            user.set_password(data.get("password"))
+            user.set_password(serializer_data.get("password"))
            user.save()
            return Response({"message": _("password reset successfully")}, status=status.HTTP_200_OK)

@ -89,6 +90,7 @@ class UserViewSet(
            data = {"error": str(e)}
            if DEBUG:
                data["detail"] = str(traceback.format_exc())
+                data["received"] = str(serializer_data)
            return Response(data, status=status.HTTP_400_BAD_REQUEST)

    @method_decorator(ratelimit(key="ip", rate="3/h" if not DEBUG else "888/h"))