Django drf simple-jwt authentication"detail": "No active account found with the given credentials"

Question

I am implementing user authentication with django-rest_framework_simple-jwt with custom user, My models.py:

class UserManager(BaseUserManager):
    def create_user(self, email, username, password, alias=None):
        user = self.model(
        email = self.normalize_email(email),
                username = username,)
        user.set_password(password)
        user.save()
        return user
   def create_superuser(self, email, username, password):
       self.create_user(email, username, password)
       user.is_staff()
       user.is_superuser = True
       user.save()
       return user

class User(AbstractBaseUser, PermissionsMixin):
    email = models.EmailField(null=False, unique=True)
    username = models.CharField(max_length=25, unique=True)
    is_active = models.BooleanField(default=True)
    is_staff = models.BooleanField(default=False)

    objects = UserManager()
    USERNAME_FIELD = "email"
    REQUIRED_FIELDS = ["username",]

So I am implementing restframework simple-jwt authentication,my settings .py is as follows as:

REST_FRAMEWORK={
  'DEFAULT_AUTHENTICATION_CLASSES': [
      'rest_framework_simplejwt.authentication.JWTAuthentication',
   ]}

my urls.py:

urlpatterns = [
       url(r'^api/token/$', TokenObtainPairView.as_view(),  name='token_obtain_pair'),
       url(r'^api/token/refresh/$', TokenRefreshView.as_view(), name='token_refresh'),]

on login process, it returns error that "detail": "No active account found with the given credentials" all my users were active. I have no clue to sort this out, I need help.Thanks in advance.

Answer 1

Ensure your password is being hashed before it is stored in your db. I ran into the same problem and discovered my passwords were being stored in plain text. Adding the following to my UserSerializer solved the issue

from django.contrib.auth.hashers import make_password

def validate_password(self, value: str) -> str:
    """
    Hash value passed by user.

    :param value: password of a user
    :return: a hashed version of the password
    """
    return make_password(value)

Answer 2

Either you did not create a superuser for your Django application or you are provided the wrong credentials for authentication

Answer 3

Also make sure, is_active = True for the user object that you are saving in your serializer, because

class UserSerializer(serializers.ModelSerializer):
    class Meta:
        model = User
        fields = ['fullname', 'username', 'email', 'password']


    def create(self, validated_data):
        password = validated_data.pop('password', None)
        instance = self.Meta.model(**validated_data)
        
        # Adding the below line made it work for me.
        instance.is_active = True
        if password is not None:
            # Set password does the hash, so you don't need to call make_password 
            instance.set_password(password)
        instance.save()
        return instance

Note ( As per docs )

The login_required decorator does NOT check the is_active flag on a user, but the default AUTHENTICATION_BACKENDS reject inactive users.

Answer 4

Did you remember to set in settings:

AUTH_USER_MODEL = 'your_app_name.User'