Merge pull request #64 from mohmyo/master

change validation order in PasswordResetConfirmSerializer
2024-12-03 06:13:43 +03:00 · 2020-05-11 02:07:12 -05:00 · 2020-05-11 02:07:12 -05:00 · 1dd2019614
commit 1dd2019614
parent bffec48e01 5f137da930
1 changed files with 3 additions and 2 deletions
--- a/dj_rest_auth/serializers.py
+++ b/dj_rest_auth/serializers.py
@ -208,6 +208,9 @@ class PasswordResetConfirmSerializer(serializers.Serializer):
    def validate(self, attrs):
        self._errors = {}

+        if not default_token_generator.check_token(self.user, attrs['token']):
+            raise ValidationError({'token': ['Invalid value']})
+
        # Decode the uidb64 to uid to get User object
        try:
            uid = force_text(uid_decoder(attrs['uid']))
@ -222,8 +225,6 @@ class PasswordResetConfirmSerializer(serializers.Serializer):
        )
        if not self.set_password_form.is_valid():
            raise serializers.ValidationError(self.set_password_form.errors)
-        if not default_token_generator.check_token(self.user, attrs['token']):
-            raise ValidationError({'token': ['Invalid value']})

        return attrs