oauth2_provider | Rails plugin to OAuth v2 | Application Framework library

I have custom user model and my user manager is like this below

I'm trying to deploy my react/django web-app to a linux-VM droplet. I'm not using a webpack for the JS content. Instead, I'm serving npm run build static files through a CDN sub-domain, digital ocean s3 bucket.

I'm able to python manage.py collectstatic which then pushes my react production build folder to the CDN.

When I visit my production website, it currently just loads up a blank page with these console errors:

I have developed a blog like project on the django rest framework and oauth2. I am now trying to separate the resource and authentication servers as shown here: https://django-oauth-toolkit.readthedocs.io/en/latest/resource_server.html

I have taken the following steps:

1. set up the auth server as described in the docs
2. added the below to settings.py in the auth server

I am making a Django application API, where an authorized user can post a messages, and other users can browse the message and like/dislike/comment on the messages (twitter style).

I have implemented oAuth2 already and tested it.

The API works fine from the admin panel, but when I access it through url, it is giving error:

enter image description here

My models.py class is:

Current Scenario:

I'm using Introspect to validate access token on the authentication server. This call returns only 'username' of the user from the authentication server and saves it in the resource server. The Id of the same user on the authentication server and the resource server are no necessarily the same.

Desired Scenario:

I want to receive more data about the user (email, phone number, address, etc..) and save it in the resource server.

What I have done so far:

I modified the django-oauth-toolkit/oauth2_provider/views/introspect.py/ get_token_response to return the data I need.

What is remaining:

How do I save those data in the resource server? or is it better to make an api call to the authentication server whenever I require the user data?

I'm going to restrict my working rest_framework.views.APIView inherited class, to be visible only by authenticated users.
I made these modifications:

1. Added authentication_classes and permission_classes to my class:

The DOCS for Django Cors Headers, https://pypi.org/project/django-cors-headers/ , clearly states that CORS_ALLOWED_ORIGINS:

Previously this setting was called CORS_ORIGIN_WHITELIST, which still works as an alias, with the new name taking precedence.

From the code if I use CORS_ORIGIN_WHITELIST my requests go through, but if I use CORS_ALLOWED_ORIGINS, while commenting out CORS_ORIGIN_WHITELIST, my requests are blocked. In my options request I am not getting any response and the subsequent POST request is blocked.

i'm having this error could someone help me with it.

File "/Users/king/Desktop/dash1-env/DASH/lib/python3.7/site-packages/rest_framework_social_oauth2/views.py", line 7, in from oauth2_provider.ext.rest_framework import OAuth2Authentication ModuleNotFoundError: No module named 'oauth2_provider.ext'

I have an django application with version 2.2.13 and django oauth toolkit 1.0.0. In the effort to update to Django 3.0, I need to update the django-oauth-toolkit, but every version after version 1.0.0, I run into a migration problem because my application (oauth2) extends the abstract application (AbstractApplication) model from the oauth2_provider (from django-oauth-toolkit).