diff options
| author | Tom Christie | 2013-04-03 09:20:36 +0100 |
|---|---|---|
| committer | Tom Christie | 2013-04-03 09:20:36 +0100 |
| commit | 74fbd5ccc5b2aa2f0aab25ead5ffa36024079fcf (patch) | |
| tree | 89da1f4949f2dd52d0dbee00c1bf016c119ea57b | |
| parent | 399ac70b831d782b7d774950b59f3b2066ab86f7 (diff) | |
| download | django-rest-framework-74fbd5ccc5b2aa2f0aab25ead5ffa36024079fcf.tar.bz2 | |
Fix bug with inactive user accessing OAuth
| -rw-r--r-- | rest_framework/authentication.py | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/rest_framework/authentication.py b/rest_framework/authentication.py index 145d4295..3e7e89e8 100644 --- a/rest_framework/authentication.py +++ b/rest_framework/authentication.py @@ -10,7 +10,7 @@ from django.core.exceptions import ImproperlyConfigured from rest_framework import exceptions, HTTP_HEADER_ENCODING from rest_framework.compat import CsrfViewMiddleware from rest_framework.compat import oauth, oauth_provider, oauth_provider_store -from rest_framework.compat import oauth2_provider, oauth2_provider_forms +from rest_framework.compat import oauth2_provider from rest_framework.authtoken.models import Token @@ -325,11 +325,13 @@ class OAuth2Authentication(BaseAuthentication): except oauth2_provider.models.AccessToken.DoesNotExist: raise exceptions.AuthenticationFailed('Invalid token') - if not token.user.is_active: + user = token.user + + if not user.is_active: msg = 'User inactive or deleted: %s' % user.username raise exceptions.AuthenticationFailed(msg) - return (token.user, token) + return (user, token) def authenticate_header(self, request): """ |