@ -202,12 +202,13 @@ class UserVerifyView(CreateAPIView):
device_id = kwargs . get ( ' device_id ' ) device_id = kwargs . get ( ' device_id ' )
user = User . objects . filter ( email = email ) . first ( ) user = User . objects . filter ( email = email ) . first ( )
if user : if user :
if kwargs . get ( ' password ' ) :
if kwargs [ ' password ' ] :
user . is_active = True user . is_active = True
user . deletion_date = None user . deletion_date = None
if device_id : if device_id :
user . device_id = device_id user . device_id = device_id
user . last_login = timezone . now ( ) user . last_login = timezone . now ( )
user . set_password ( kwargs [ ' password ' ] )
user . save ( ) user . save ( )
else : else :
# If device_id is provided, try to find existing user with that device_id # If device_id is provided, try to find existing user with that device_id
@ -217,22 +218,17 @@ class UserVerifyView(CreateAPIView):
user = None user = None
if not user : if not user :
# Create the user from the verified data
user = User . objects . create ( * * kwargs ) user = User . objects . create ( * * kwargs )
# Set a non-functional password to prevent authentication errors
user . set_unusable_password ( )
user . save ( )
user . set_password ( kwargs [ ' password ' ] )
else : else :
# Taking over a guest account
user . email = email user . email = email
user . fullname = kwargs . get ( ' fullname ' )
# Also set unusable password for converted guest accounts
user . set_unusable_password ( )
user . fullname = kwargs [ ' fullname ' ]
user . set_password ( kwargs [ ' password ' ] )
if device_id : if device_id :
user . device_id = device_id user . device_id = device_id
user . last_login = timezone . now ( ) user . last_login = timezone . now ( )
user . is_active = True user . is_active = True
user . deletion_date = None
user . save ( ) user . save ( )
return user return user
