Reset password for user who registered with Social Auth (Google)

[AyushBhardwaj321]

Hello,
I am trying to using custom model with Djoser JWT endpoint but I want to reset the password for those user who register with Google OAuth.
When I am using the API endpoint the password reset mail is not getting send to mail.

Any suggestion is appreciated.

[Oscurodrago]

i have same very similar,
Google login works, it's create correctly user and also JWT token can be created ,
but when i try to reset password through send email, response says ["User with given email does not exist."]

note. if account is created with user_create by djoser they can reset password w/o problems

[Oscurodrago]

just saw around
seem the problem is the missing password and amost all guides online points to one wrong solution to use djoser
to avoid that problem just add a random pass when is None

`class UserManager(BaseUserManager):

def create_user(self, email,  password=None, **kwargs):
    if not email:
        raise ValueError("Users must have an email address")
    email = self.normalize_email(email)
    user = self.model(email=email, **kwargs)
    if(password is None):
        password = get_random_string(10)
    user.set_password(password)
    user.is_active = True
    user.save()

    return user`

[tomwojcik]

Thanks for the report. Please create a failing test case.

[bilalnaqvi]

When signing up using Google SSO, an unusable password is set for the user. This behavior is implemented by the set_unusable_password method in django/contrib/auth/base_user.py.

To bypass this, if you have a custom User class, you can override the has_usable_password method to always return True. Alternatively, you can configure Djoser to use a custom serializer to modify this behavior.

[stefanofusai]

Here's my implementation which fixes the issue:

serializers.py

from django.contrib.auth import get_user_model
from djoser.serializers import SendEmailResetSerializer as BaseSendEmailResetSerializer

UserModel = get_user_model()


class SendEmailResetSerializer(BaseSendEmailResetSerializer):
    def get_user(self, is_active: bool = True) -> UserModel | None:  # noqa: FBT001, FBT002
        try:
            # Disable the user.has_usable_password() check to allow users registered via
            # social auth to reset their password
            return UserModel._default_manager.get(  # noqa: SLF001
                is_active=is_active,
                **{self.email_field: self.data.get(self.email_field, "")},
            )

        except UserModel.DoesNotExist:
            pass

        if (
            settings.PASSWORD_RESET_SHOW_EMAIL_NOT_FOUND is True
            or settings.USERNAME_RESET_SHOW_EMAIL_NOT_FOUND is True
        ):
            self.fail("email_not_found")

        return None

settings.py

DJOSER = {
    ...,
    "SERIALIZERS": {
        "password_reset": "serializers.SendEmailResetSerializer",
    },
    ...
}