python/fastapi-users
1
0
Fork 0
mirror of https://github.com/fastapi-users/fastapi-users.git synced 2025-08-15 19:30:47 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix #17: prevent to set is_active/is_superuser on register route

Browse Source
This commit is contained in:
François Voron
2019-10-19 18:56:54 +02:00
parent 5d4979f9a9
commit 8d65a11a4f
2 changed files with 28 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
fastapi_users/router.py
View File

@ -42,7 +42,10 @@ def get_user_router(
raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST)
hashed_password = get_password_hash(user.password)
db_user = models.UserDB(**user.dict(), hashed_password=hashed_password)
db_user = models.UserDB(
**user.dict(exclude={"id", "is_superuser", "is_active"}),
hashed_password=hashed_password
)
created_user = await user_db.create(db_user)
return created_user