RecursionError when trying to access current_user after changing alternative token

[mconigliaro]

I'm actually not sure whether this is a bug or if I'm just misunderstanding something. The docs for Alternative Tokens say:

This way you are free to change the user’s alternative id to a new randomly generated value when the user changes their password, which would ensure their old authentication sessions will cease to be valid.

Once I change the alternative id, I get a RecursionError if I try to do anything with current_user. The only way I've found to avoid it is to immediately log the current user out, but is that what I'm supposed to do? Is there some easy way I'm missing to keep the current session valid after changing the alternative id?

[mconigliaro]

I'm curious whether there's some better way I'm missing, but here's something that seems to work:

if user_wants_to_regenerate_token:
    user = get_user_by_username(current_user.username)
    user.refresh_token()
    login_user(user, remember=login_remembered)

So to avoid touching current_user after refreshing the token, just create a new user object and log that one in.