def validate_password_change(self, instance: User, current_password: Optional[str], password: Optional[str]) -> Optional[str]: if password: if instance.password and instance.has_usable_password(): # If user has a password set, we check it's provided to allow updating it. We need to check that is both # usable (properly hashed) and that a password actually exists. if not current_password: raise serializers.ValidationError( { "current_password": [ "This field is required when updating your password." ] }, code="required") if not instance.check_password(current_password): raise serializers.ValidationError( { "current_password": ["Your current password is incorrect."] }, code="incorrect_password") try: validate_password(password, instance) except ValidationError as e: raise serializers.ValidationError({"password": e.messages}) return password
def get_has_password(self, instance: User) -> bool: return instance.has_usable_password()