Add settings attribute to check if inactive user login is allowed

This will help if 'AllowAllUsersModelBackend' is used or any other authentication backend that allow inactive user login is used.
This commit is contained in:
Peter Bassem Sobhi 2018-01-28 00:50:15 +02:00
parent a3057b7aa1
commit 8f16c5ddc7

View File

@ -91,7 +91,8 @@ class LoginSerializer(serializers.Serializer):
# Did we get back an active user?
if user:
if not user.is_active:
# Raises error only if user is deactivated and inactive user login is disabled
if not user.is_active and not getattr(settings, 'REST_INACTIVE_USER_LOGIN', False):
msg = _('User account is disabled.')
raise exceptions.ValidationError(msg)
else: