User does not have an associated token after registration, when Token authentication is used alongside Session authentication, and allauth `EMAIL_VERIFICATION != EmailVerificationMethod.MANDATORY` #604
After migrating from 2.2.7 version to 5.0.2, we observed that users no longer have an associated token after registration. In the previously used version, if the REST_SESSION_LOGIN setting was not defined in the settings file, the default value (REST_SESSION_LOGIN=True) specified in the documentation was not applied for some unknown reason, and an authentication token was added to a user. In the dj-rest-auth 5.0.2 version, this bug was fixed, and now the default value is properly taken into account. However, it appears that the current implementation does not support using two authentication flows simultaneously during the registration process.
Since there is no mention in the dj-rest-auth documentation that session authentication cannot be used alongside token authentication, and considering the login implementation, this seems to be a bug.
After migrating from
2.2.7
version to5.0.2
, we observed that users no longer have an associated token after registration. In the previously used version, if the REST_SESSION_LOGIN setting was not defined in the settings file, the default value (REST_SESSION_LOGIN=True
) specified in the documentation was not applied for some unknown reason, and an authentication token was added to a user. In thedj-rest-auth 5.0.2
version, this bug was fixed, and now the default value is properly taken into account. However, it appears that the current implementation does not support using two authentication flows simultaneously during the registration process.Since there is no mention in the dj-rest-auth documentation that session authentication cannot be used alongside token authentication, and considering the login implementation, this seems to be a bug.