iMerica / dj-rest-auth

Authentication for Django Rest Framework
https://dj-rest-auth.readthedocs.io/en/latest/index.html
MIT License

fix: Fixes issue with JWTStatelessUserAuthentication #574

Open viglia opened 7 months ago

viglia commented 7 months ago

The JWTStatelessUserAuthentication backend’s authenticate method does not perform a database lookup to obtain a user instance.

Instead, it returns a rest_framework_simplejwt.models.TokenUser instance, which acts as a stateless user object backed only by a validated token instead of a record in a database.

This is not taken into account in the user and password endpoints of dj-rest-auth, causing either incomplete information to be returned for the user or, in the worst case, a full crash due to invocation of methods that are not implemented for TokenUser.

This PR fixes it by checking whether the current user is a TokenUser and fetching the proper User before applying any changes.
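
The failure and the check described in the PR description above, as an added example that is not part of the pull request or of dj-rest-auth's code. `TokenUser` and `DbUser` are stand-ins so the block runs without Django; `resolve_db_user`, `change_password`, `UserUnavailable`, the `USERS` table and the rejection of missing or deactivated accounts are assumptions of this example.

```python
import hashlib

class TokenUser:
    """Stand-in mirroring rest_framework_simplejwt.models.TokenUser."""
    def __init__(self, claims):
        self.claims = claims  # validated token payload; no DB row behind it

    @property
    def id(self):
        return self.claims["user_id"]

    def set_password(self, raw_password):
        raise NotImplementedError("Token users have no DB representation")

class DbUser:
    """Stand-in for the database-backed user model."""
    def __init__(self, pk, username, is_active=True):
        self.pk, self.username, self.is_active = pk, username, is_active
        self.password = ""

    def set_password(self, raw_password):
        # Constructed hashing; Django's own set_password does this for real.
        self.password = hashlib.pbkdf2_hmac(
            "sha256", raw_password.encode(), b"constructed-salt", 1000).hex()

class UserUnavailable(Exception):
    """The token is valid but its account is missing or deactivated."""

# Constructed user table keyed by primary key.
USERS = {7: DbUser(7, "alice"), 8: DbUser(8, "bob", is_active=False)}

def resolve_db_user(user, lookup=USERS.get):
    """Return a database-backed user for either kind of request user."""
    if not isinstance(user, TokenUser):
        return user  # already a real model instance
    db_user = lookup(user.id)
    # A stateless token can outlive its account, so check before mutating.
    if db_user is None or not db_user.is_active:
        raise UserUnavailable(f"no active user for id {user.id}")
    return db_user

def change_password(request_user, new_password):
    """Password change that works for both authentication backends."""
    user = resolve_db_user(request_user)
    user.set_password(new_password)
    return user
```
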

viglia commented 7 months ago

@iMerica if this gets approved/merged, could you make a patch release please?

Thank you.

viglia commented 2 weeks ago

@iMerica please could you follow up on this?