restore pre-2.3.0 behaviour

api/app/settings/common.py

@@ -390,6 +390,7 @@
 ]
 
 AUTHENTICATION_BACKENDS = [
+    "djoser.auth_backends.LoginFieldBackend",
     "admin_sso.auth.DjangoSSOAuthBackend",
     "django.contrib.auth.backends.ModelBackend",
 ]
@@ -807,7 +808,6 @@
     "SEND_CONFIRMATION_EMAIL": False,
     "SERIALIZERS": {
         "token": "custom_auth.serializers.CustomTokenSerializer",
-        "token_create": "custom_auth.serializers.CustomTokenCreateSerializer",
         "user_create": "custom_auth.serializers.CustomUserCreateSerializer",
         "user_delete": "custom_auth.serializers.CustomUserDelete",
         "current_user": "users.serializers.CustomCurrentUserSerializer",

api/custom_auth/serializers.py

@@ -1,8 +1,7 @@
 from typing import Any
 
 from django.conf import settings
-from djoser.conf import settings as djoser_settings
-from djoser.serializers import TokenCreateSerializer, UserCreateSerializer
+from djoser.serializers import UserCreateSerializer
 from rest_framework import serializers
 from rest_framework.authtoken.models import Token
 from rest_framework.exceptions import PermissionDenied
@@ -20,33 +19,6 @@
 )
 
 
-class CustomTokenCreateSerializer(TokenCreateSerializer):
-    """
-    NOTE: Some authentication backends (e.g., LDAP) support only
-    username and password authentication. However, the front-end
-    currently sends the email as the login key. To accommodate
-    this, we override the serializer to rename the username field
-    to the email (or any other field configurable using djoser settings) field.
-
-    """
-
-    def __init__(self, *args, **kwargs):
-        super().__init__(*args, **kwargs)
-        if djoser_settings.LOGIN_FIELD != FFAdminUser.USERNAME_FIELD:
-            # Because djoser have created a field named username(djoser_settings.LOGIN_FIELD) in the serializer
-            # We have to remove this and add the email(FFAdminUser.USERNAME_FIELD) field back
-            self.fields.pop(djoser_settings.LOGIN_FIELD)
-            self.fields[FFAdminUser.USERNAME_FIELD] = serializers.CharField(
-                required=False
-            )
-
-    def validate(self, attrs):
-        if djoser_settings.LOGIN_FIELD != FFAdminUser.USERNAME_FIELD:
-            attrs[djoser_settings.LOGIN_FIELD] = attrs.pop(FFAdminUser.USERNAME_FIELD)
-
-        return super().validate(attrs)
-
-
 class CustomTokenSerializer(serializers.ModelSerializer):
     class Meta:
         model = Token

api/tests/unit/custom_auth/test_unit_custom_auth_serializer.py

@@ -1,18 +1,12 @@
-from copy import deepcopy
-
 import pytest
 from django.test import RequestFactory
 from pytest_django.fixtures import SettingsWrapper
-from pytest_mock import MockerFixture
 from rest_framework.exceptions import PermissionDenied
 
 from custom_auth.constants import (
     USER_REGISTRATION_WITHOUT_INVITE_ERROR_MESSAGE,
 )
-from custom_auth.serializers import (
-    CustomTokenCreateSerializer,
-    CustomUserCreateSerializer,
-)
+from custom_auth.serializers import CustomUserCreateSerializer
 from organisations.invites.models import InviteLink
 from users.models import FFAdminUser, SignUpType
 
@@ -151,25 +145,3 @@ def test_invite_link_validation_mixin_validate_fails_if_invite_link_hash_not_val
 
     # Then
     assert exc_info.value.detail == USER_REGISTRATION_WITHOUT_INVITE_ERROR_MESSAGE
-
-
-def test_CustomTokenCreateSerializer_validate_uses_login_field_to_authenticate(
-    settings: SettingsWrapper, mocker: MockerFixture
-) -> None:
-    # Given
-    djoser_settings = deepcopy(settings.DJOSER)
-    djoser_settings["LOGIN_FIELD"] = "username"
-    settings.DJOSER = djoser_settings
-
-    mocked_authenticate = mocker.patch("djoser.serializers.authenticate")
-    serializer = CustomTokenCreateSerializer(
-        data={"email": "some_username", "password": "some_password"}
-    )
-
-    # When
-    serializer.is_valid(raise_exception=True)
-
-    # Then
-    mocked_authenticate.assert_called_with(
-        request=None, username="some_username", password="some_password"
-    )