Open Willem-Nieuwoudt opened 1 year ago
Same issue here : https://github.com/iMerica/dj-rest-auth/issues/465
Altroo, I checked your issue and I don't think it's the same as far as I can tell.
@Willem-Nieuwoudt my bad, true they don't look the same, different error but both are triggered in
site-packages/dj_rest_auth/registration/serializers.py
in your case in is_valid
& mine in validate
.
Maybe it is the same error, different config settings ?
Could you please provide your config settings?
@Altroo Sure thing
ACCOUNT_AUTHENTICATION_METHOD = 'email' ACCOUNT_EMAIL_REQUIRED = True ACCOUNT_UNIQUE_EMAIL = True ACCOUNT_USERNAME_REQUIRED = False ACCOUNT_USER_MODEL_USERNAME_FIELD = None ACCOUNT_EMAIL_VERIFICATION = 'mandatory'
Those are the only settings I really use at the moment for auth.
I see someone made a comment on your post with a screenshot of exactly the same issue that im having. I'll just leave a comment there to let them know about this post in case you don't have the same issue as us.
I essentially tracked down the error to the get_access_token function in the SocialLoginSerializer's validate method. The way i'm "fixing" it at the moment is to override the serializer and wrap the get_access_token function in a try except and then just return a validation error if it throws the error that im getting. Something like this:
try:
token = client.get_access_token(code)
except OAuth2Error:
raise serializers.ValidationError(
_("Invalid access token"),
)
Would be nice to have some input from people if this is an okay solution or not really.
may I know what the google login api endpoint
is?
try: token = client.get_accesstoken(code) except OAuth2Error: raise serializers.ValidationError( ("Invalid access token"), )
@Willem-Nieuwoudt Can you clarify if this actually solves the issue and allows for Google logins and registers?
Edit: Reverting per @Altroo's answer here fixed it for me: https://github.com/iMerica/dj-rest-auth/issues/465
@Willem-Nieuwoudt @wanglophile check https://github.com/iMerica/dj-rest-auth/issues/465
I am using dj-rest-auth version 2.2.5 in my Django application.
When I get the access code back from the google OAUTH2 url and post that code to the google login api endpoint it logs me in as expected, returning the jwt tokens.
However if i just post any random value or incorrect code to the google login api endpoint(using the code field) it throws a 500 error instead of a validation error like "Invalid code". This is the last bit of the trace: