Features: 1) Add response logging of received serializer data in debug mode for enhanced error diagnostics;
Fixes: 1) Resolve inconsistent variable usage in `confirm_password_reset` by replacing `data` with `serializer_data` across the method; Extra: 1) Minor cleanup for improved clarity and maintainability.
This commit is contained in:
parent
d3e9775d54
commit
73b1e99dc1
1 changed files with 7 additions and 5 deletions
|
|
@ -65,23 +65,24 @@ class UserViewSet(
|
||||||
@action(detail=False, methods=["post"])
|
@action(detail=False, methods=["post"])
|
||||||
@method_decorator(ratelimit(key="ip", rate="2/h" if not DEBUG else "888/h"))
|
@method_decorator(ratelimit(key="ip", rate="2/h" if not DEBUG else "888/h"))
|
||||||
def confirm_password_reset(self, request, *args, **kwargs):
|
def confirm_password_reset(self, request, *args, **kwargs):
|
||||||
|
serializer_data = None
|
||||||
try:
|
try:
|
||||||
data = ConfirmPasswordResetSerializer(request.data).data
|
serializer_data = ConfirmPasswordResetSerializer(request.data).data
|
||||||
|
|
||||||
if not compare_digest(data.get("password"), data.get("confirm_password")):
|
if not compare_digest(data.get("password"), serializer_data.get("confirm_password")):
|
||||||
return Response(
|
return Response(
|
||||||
{"error": _("passwords do not match")},
|
{"error": _("passwords do not match")},
|
||||||
status=status.HTTP_400_BAD_REQUEST,
|
status=status.HTTP_400_BAD_REQUEST,
|
||||||
)
|
)
|
||||||
|
|
||||||
uuid = urlsafe_base64_decode(data.get("uidb64")).decode()
|
uuid = urlsafe_base64_decode(serializer_data.get("uidb64")).decode()
|
||||||
user = User.objects.get(pk=uuid)
|
user = User.objects.get(pk=uuid)
|
||||||
|
|
||||||
password_reset_token = PasswordResetTokenGenerator()
|
password_reset_token = PasswordResetTokenGenerator()
|
||||||
if not password_reset_token.check_token(user, data.get("token")):
|
if not password_reset_token.check_token(user, serializer_data.get("token")):
|
||||||
return Response({"error": _("token is invalid!")}, status=status.HTTP_400_BAD_REQUEST)
|
return Response({"error": _("token is invalid!")}, status=status.HTTP_400_BAD_REQUEST)
|
||||||
|
|
||||||
user.set_password(data.get("password"))
|
user.set_password(serializer_data.get("password"))
|
||||||
user.save()
|
user.save()
|
||||||
return Response({"message": _("password reset successfully")}, status=status.HTTP_200_OK)
|
return Response({"message": _("password reset successfully")}, status=status.HTTP_200_OK)
|
||||||
|
|
||||||
|
|
@ -89,6 +90,7 @@ class UserViewSet(
|
||||||
data = {"error": str(e)}
|
data = {"error": str(e)}
|
||||||
if DEBUG:
|
if DEBUG:
|
||||||
data["detail"] = str(traceback.format_exc())
|
data["detail"] = str(traceback.format_exc())
|
||||||
|
data["received"] = str(serializer_data)
|
||||||
return Response(data, status=status.HTTP_400_BAD_REQUEST)
|
return Response(data, status=status.HTTP_400_BAD_REQUEST)
|
||||||
|
|
||||||
@method_decorator(ratelimit(key="ip", rate="3/h" if not DEBUG else "888/h"))
|
@method_decorator(ratelimit(key="ip", rate="3/h" if not DEBUG else "888/h"))
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue