SocialLoginSerializer ValidationError doesn't block login
steverecio opened this issue · 1 comments
If a ValidationError is raised from the SocialLoginSerializer (or a subclass thereof), the request will return a 400 status code but will still log the user in. For example, in an attempt to add two-factor authentication logic on top of the SocialLoginSerializer, I raise a validation error after the super class validate function. The request returns a 400 bad request, but subsequent calls to the api are still authenticated.
Hi,
this repo is not maintained anymore, so the development moved to dj-rest-auth. (reference: #568)
It may be best, if you move this PR there. (and upgrade to using dj_rest_auth)
new repo link: https://github.com/jazzband/dj-rest-auth (I'm not the upkeeper of that repo, it just makes sense for me to help you write where it brings value.)
Best,
Barney