smcoll
commented
9 years ago +1 on this; i came to submit the same bug and found this PR.
Closed avojnovicDk closed 9 years ago
smcoll
commented
9 years ago +1 on this; i came to submit the same bug and found this PR.
_mirror_data_from_db_user() used to delete password item from the data dict, which made updating password field impossible. This is removed so user's password can be updated. test_updating_a_users_password() tests if password can be updated, and also checks that Django user has unusable password after the update and that raw_password field is removed. It is important that passwords are saved in Stormpath, and not database Django uses. set_password() makes sure that Django password is unusable and sets password in raw_password field, which _remove_raw_password() removes after StormpathUser is updated.
This also fixes the test that is failing in #57 - it is failing because password is not updated.