The version on pypi (1.1.0) contains a critical bug that invalidates all refresh tokens when running a migration, and is NOT noted in the changelog. This was corrected in a follow-up pull request, but was not released yet.
83ec4ac
I just ran into this bug in my production instance, which logged out all my users. For anyone else who hits this, you can run the following code AFTER you run the migration (0006_auto_20171214_2232).
from oauth2_provider.models import RefreshToken
RefreshToken.objects.update(revoked=None)
@jleclanche
The version on pypi (1.1.0) contains a critical bug that invalidates all refresh tokens when running a migration, and is NOT noted in the changelog. This was corrected in a follow-up pull request, but was not released yet.
83ec4ac
I just ran into this bug in my production instance, which logged out all my users. For anyone else who hits this, you can run the following code AFTER you run the migration (0006_auto_20171214_2232).
@jleclanche