def validate_password_change(self, instance: User,
current_password: Optional[str],
password: Optional[str]) -> Optional[str]:
if password:
if instance.password and instance.has_usable_password():
# If user has a password set, we check it's provided to allow updating it. We need to check that is both
# usable (properly hashed) and that a password actually exists.
if not current_password:
raise serializers.ValidationError(
{
"current_password": [
"This field is required when updating your password."
]
},
code="required")
if not instance.check_password(current_password):
raise serializers.ValidationError(
{
"current_password":
["Your current password is incorrect."]
},
code="incorrect_password")
try:
validate_password(password, instance)
except ValidationError as e:
raise serializers.ValidationError({"password": e.messages})
return password
def get_has_password(self, instance: User) -> bool:
return instance.has_usable_password()
