From 73b1e99dc1a024d9cd505bf84f660120630e229c Mon Sep 17 00:00:00 2001
From: Egor fureunoir Gorbunov <contact@fureunoir.com>
Date: Thu, 29 May 2025 22:28:36 +0300
Subject: [PATCH] Features: 1) Add response logging of received serializer data
 in debug mode for enhanced error diagnostics;

Fixes: 1) Resolve inconsistent variable usage in `confirm_password_reset` by replacing `data` with `serializer_data` across the method;

Extra: 1) Minor cleanup for improved clarity and maintainability.
---
 vibes_auth/viewsets.py | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/vibes_auth/viewsets.py b/vibes_auth/viewsets.py
index 7f3739b3..ce13b17a 100644
--- a/vibes_auth/viewsets.py
+++ b/vibes_auth/viewsets.py
@@ -65,23 +65,24 @@ class UserViewSet(
     @action(detail=False, methods=["post"])
     @method_decorator(ratelimit(key="ip", rate="2/h" if not DEBUG else "888/h"))
     def confirm_password_reset(self, request, *args, **kwargs):
+        serializer_data = None
         try:
-            data = ConfirmPasswordResetSerializer(request.data).data
+            serializer_data = ConfirmPasswordResetSerializer(request.data).data
 
-            if not compare_digest(data.get("password"), data.get("confirm_password")):
+            if not compare_digest(data.get("password"), serializer_data.get("confirm_password")):
                 return Response(
                     {"error": _("passwords do not match")},
                     status=status.HTTP_400_BAD_REQUEST,
                 )
 
-            uuid = urlsafe_base64_decode(data.get("uidb64")).decode()
+            uuid = urlsafe_base64_decode(serializer_data.get("uidb64")).decode()
             user = User.objects.get(pk=uuid)
 
             password_reset_token = PasswordResetTokenGenerator()
-            if not password_reset_token.check_token(user, data.get("token")):
+            if not password_reset_token.check_token(user, serializer_data.get("token")):
                 return Response({"error": _("token is invalid!")}, status=status.HTTP_400_BAD_REQUEST)
 
-            user.set_password(data.get("password"))
+            user.set_password(serializer_data.get("password"))
             user.save()
             return Response({"message": _("password reset successfully")}, status=status.HTTP_200_OK)
 
@@ -89,6 +90,7 @@ class UserViewSet(
             data = {"error": str(e)}
             if DEBUG:
                 data["detail"] = str(traceback.format_exc())
+                data["received"] = str(serializer_data)
             return Response(data, status=status.HTTP_400_BAD_REQUEST)
 
     @method_decorator(ratelimit(key="ip", rate="3/h" if not DEBUG else "888/h"))