Re: [Django] #34002: PasswordResetView cannot find is_active property of User model extending AbstractBaseUser

[Django]

#34002: PasswordResetView cannot find is_active property of User model extending
AbstractBaseUser
-------------------------------------+-------------------------------------
     Reporter:  Brylie Christopher   |                    Owner:  nobody
  Oxley                              |
         Type:  Uncategorized        |                   Status:  closed
    Component:  contrib.auth         |                  Version:  4.1
     Severity:  Normal               |               Resolution:  invalid
     Keywords:                       |             Triage Stage:
                                     |  Unreviewed
    Has patch:  0                    |      Needs documentation:  0
  Needs tests:  0                    |  Patch needs improvement:  0
Easy pickings:  0                    |                    UI/UX:  0
-------------------------------------+-------------------------------------

Comment (by Brylie Christopher Oxley):

 Thanks for pointing me to the docs Mariusz.

 I still believe this is a bug for a couple of reasons. First, Django is
 inconsistent since the AbstractBaseUser can't be used in the standard
 password reset views, despite having the ''is_active'' boolean property.
 Likewise, the default Django password reset flow is not resilient to User
 models that don't have ''is_active'' defined as a field, even when the
 downstream project may not need an activation flow (or use the same model
 field/property).

 I believe there could actually be a middle ground here if we could give
 this issue a bit more time for consideration, rather than immediately
 dismissing it as invalid. One solution could be to check for the existence
 of the ''is_active'' property/field and run the relevant checks only if
 the field/property has a value.

 From what I understand, some contributor has likely added the
 ''is_active'' boolean property to the AbstractBaseUser model to harmonize
 it with other parts of the authentication framework. Conversely, the
 different parts of the authentication framework, namely the password reset
 flow, could be made more resilient to the absence of an ''is_active''
 field/property.

-- 
Ticket URL: <https://code.djangoproject.com/ticket/34002#comment:2>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/010701832bcc61f0-4913a222-8841-4efe-bef7-e7381bd3751a-000000%40eu-central-1.amazonses.com.