|
1 import os |
|
2 import re |
|
3 |
|
4 from django.conf import settings |
|
5 from django.contrib.auth import SESSION_KEY |
|
6 from django.contrib.auth.forms import AuthenticationForm |
|
7 from django.contrib.sites.models import Site, RequestSite |
|
8 from django.contrib.auth.models import User |
|
9 from django.test import TestCase |
|
10 from django.core import mail |
|
11 from django.core.urlresolvers import reverse |
|
12 |
|
13 class AuthViewsTestCase(TestCase): |
|
14 """ |
|
15 Helper base class for all the follow test cases. |
|
16 """ |
|
17 fixtures = ['authtestdata.json'] |
|
18 urls = 'django.contrib.auth.urls' |
|
19 |
|
20 def setUp(self): |
|
21 self.old_LANGUAGES = settings.LANGUAGES |
|
22 self.old_LANGUAGE_CODE = settings.LANGUAGE_CODE |
|
23 settings.LANGUAGES = (('en', 'English'),) |
|
24 settings.LANGUAGE_CODE = 'en' |
|
25 self.old_TEMPLATE_DIRS = settings.TEMPLATE_DIRS |
|
26 settings.TEMPLATE_DIRS = ( |
|
27 os.path.join( |
|
28 os.path.dirname(__file__), |
|
29 'templates' |
|
30 ) |
|
31 ,) |
|
32 |
|
33 def tearDown(self): |
|
34 settings.LANGUAGES = self.old_LANGUAGES |
|
35 settings.LANGUAGE_CODE = self.old_LANGUAGE_CODE |
|
36 settings.TEMPLATE_DIRS = self.old_TEMPLATE_DIRS |
|
37 |
|
38 class PasswordResetTest(AuthViewsTestCase): |
|
39 |
|
40 def setUp(self): |
|
41 self.old_LANGUAGES = settings.LANGUAGES |
|
42 self.old_LANGUAGE_CODE = settings.LANGUAGE_CODE |
|
43 settings.LANGUAGES = (('en', 'English'),) |
|
44 settings.LANGUAGE_CODE = 'en' |
|
45 |
|
46 def tearDown(self): |
|
47 settings.LANGUAGES = self.old_LANGUAGES |
|
48 settings.LANGUAGE_CODE = self.old_LANGUAGE_CODE |
|
49 |
|
50 def test_email_not_found(self): |
|
51 "Error is raised if the provided email address isn't currently registered" |
|
52 response = self.client.get('/password_reset/') |
|
53 self.assertEquals(response.status_code, 200) |
|
54 response = self.client.post('/password_reset/', {'email': 'not_a_real_email@email.com'}) |
|
55 self.assertContains(response, "That e-mail address doesn't have an associated user account") |
|
56 self.assertEquals(len(mail.outbox), 0) |
|
57 |
|
58 def test_email_found(self): |
|
59 "Email is sent if a valid email address is provided for password reset" |
|
60 response = self.client.post('/password_reset/', {'email': 'staffmember@example.com'}) |
|
61 self.assertEquals(response.status_code, 302) |
|
62 self.assertEquals(len(mail.outbox), 1) |
|
63 self.assert_("http://" in mail.outbox[0].body) |
|
64 |
|
65 def _test_confirm_start(self): |
|
66 # Start by creating the email |
|
67 response = self.client.post('/password_reset/', {'email': 'staffmember@example.com'}) |
|
68 self.assertEquals(response.status_code, 302) |
|
69 self.assertEquals(len(mail.outbox), 1) |
|
70 return self._read_signup_email(mail.outbox[0]) |
|
71 |
|
72 def _read_signup_email(self, email): |
|
73 urlmatch = re.search(r"https?://[^/]*(/.*reset/\S*)", email.body) |
|
74 self.assert_(urlmatch is not None, "No URL found in sent email") |
|
75 return urlmatch.group(), urlmatch.groups()[0] |
|
76 |
|
77 def test_confirm_valid(self): |
|
78 url, path = self._test_confirm_start() |
|
79 response = self.client.get(path) |
|
80 # redirect to a 'complete' page: |
|
81 self.assertEquals(response.status_code, 200) |
|
82 self.assert_("Please enter your new password" in response.content) |
|
83 |
|
84 def test_confirm_invalid(self): |
|
85 url, path = self._test_confirm_start() |
|
86 # Let's munge the token in the path, but keep the same length, |
|
87 # in case the URLconf will reject a different length. |
|
88 path = path[:-5] + ("0"*4) + path[-1] |
|
89 |
|
90 response = self.client.get(path) |
|
91 self.assertEquals(response.status_code, 200) |
|
92 self.assert_("The password reset link was invalid" in response.content) |
|
93 |
|
94 def test_confirm_invalid_post(self): |
|
95 # Same as test_confirm_invalid, but trying |
|
96 # to do a POST instead. |
|
97 url, path = self._test_confirm_start() |
|
98 path = path[:-5] + ("0"*4) + path[-1] |
|
99 |
|
100 response = self.client.post(path, {'new_password1': 'anewpassword', |
|
101 'new_password2':' anewpassword'}) |
|
102 # Check the password has not been changed |
|
103 u = User.objects.get(email='staffmember@example.com') |
|
104 self.assert_(not u.check_password("anewpassword")) |
|
105 |
|
106 def test_confirm_complete(self): |
|
107 url, path = self._test_confirm_start() |
|
108 response = self.client.post(path, {'new_password1': 'anewpassword', |
|
109 'new_password2': 'anewpassword'}) |
|
110 # It redirects us to a 'complete' page: |
|
111 self.assertEquals(response.status_code, 302) |
|
112 # Check the password has been changed |
|
113 u = User.objects.get(email='staffmember@example.com') |
|
114 self.assert_(u.check_password("anewpassword")) |
|
115 |
|
116 # Check we can't use the link again |
|
117 response = self.client.get(path) |
|
118 self.assertEquals(response.status_code, 200) |
|
119 self.assert_("The password reset link was invalid" in response.content) |
|
120 |
|
121 def test_confirm_different_passwords(self): |
|
122 url, path = self._test_confirm_start() |
|
123 response = self.client.post(path, {'new_password1': 'anewpassword', |
|
124 'new_password2':' x'}) |
|
125 self.assertEquals(response.status_code, 200) |
|
126 self.assert_("The two password fields didn't match" in response.content) |
|
127 |
|
128 class ChangePasswordTest(AuthViewsTestCase): |
|
129 |
|
130 def login(self, password='password'): |
|
131 response = self.client.post('/login/', { |
|
132 'username': 'testclient', |
|
133 'password': password |
|
134 } |
|
135 ) |
|
136 self.assertEquals(response.status_code, 302) |
|
137 self.assert_(response['Location'].endswith(settings.LOGIN_REDIRECT_URL)) |
|
138 |
|
139 def fail_login(self, password='password'): |
|
140 response = self.client.post('/login/', { |
|
141 'username': 'testclient', |
|
142 'password': password |
|
143 } |
|
144 ) |
|
145 self.assertEquals(response.status_code, 200) |
|
146 self.assert_("Please enter a correct username and password. Note that both fields are case-sensitive." in response.content) |
|
147 |
|
148 def logout(self): |
|
149 response = self.client.get('/logout/') |
|
150 |
|
151 def test_password_change_fails_with_invalid_old_password(self): |
|
152 self.login() |
|
153 response = self.client.post('/password_change/', { |
|
154 'old_password': 'donuts', |
|
155 'new_password1': 'password1', |
|
156 'new_password2': 'password1', |
|
157 } |
|
158 ) |
|
159 self.assertEquals(response.status_code, 200) |
|
160 self.assert_("Your old password was entered incorrectly. Please enter it again." in response.content) |
|
161 |
|
162 def test_password_change_fails_with_mismatched_passwords(self): |
|
163 self.login() |
|
164 response = self.client.post('/password_change/', { |
|
165 'old_password': 'password', |
|
166 'new_password1': 'password1', |
|
167 'new_password2': 'donuts', |
|
168 } |
|
169 ) |
|
170 self.assertEquals(response.status_code, 200) |
|
171 self.assert_("The two password fields didn't match." in response.content) |
|
172 |
|
173 def test_password_change_succeeds(self): |
|
174 self.login() |
|
175 response = self.client.post('/password_change/', { |
|
176 'old_password': 'password', |
|
177 'new_password1': 'password1', |
|
178 'new_password2': 'password1', |
|
179 } |
|
180 ) |
|
181 self.assertEquals(response.status_code, 302) |
|
182 self.assert_(response['Location'].endswith('/password_change/done/')) |
|
183 self.fail_login() |
|
184 self.login(password='password1') |
|
185 |
|
186 class LoginTest(AuthViewsTestCase): |
|
187 |
|
188 def test_current_site_in_context_after_login(self): |
|
189 response = self.client.get(reverse('django.contrib.auth.views.login')) |
|
190 self.assertEquals(response.status_code, 200) |
|
191 site = Site.objects.get_current() |
|
192 self.assertEquals(response.context['site'], site) |
|
193 self.assertEquals(response.context['site_name'], site.name) |
|
194 self.assert_(isinstance(response.context['form'], AuthenticationForm), |
|
195 'Login form is not an AuthenticationForm') |
|
196 |
|
197 class LogoutTest(AuthViewsTestCase): |
|
198 urls = 'django.contrib.auth.tests.urls' |
|
199 |
|
200 def login(self, password='password'): |
|
201 response = self.client.post('/login/', { |
|
202 'username': 'testclient', |
|
203 'password': password |
|
204 } |
|
205 ) |
|
206 self.assertEquals(response.status_code, 302) |
|
207 self.assert_(response['Location'].endswith(settings.LOGIN_REDIRECT_URL)) |
|
208 self.assert_(SESSION_KEY in self.client.session) |
|
209 |
|
210 def confirm_logged_out(self): |
|
211 self.assert_(SESSION_KEY not in self.client.session) |
|
212 |
|
213 def test_logout_default(self): |
|
214 "Logout without next_page option renders the default template" |
|
215 self.login() |
|
216 response = self.client.get('/logout/') |
|
217 self.assertEquals(200, response.status_code) |
|
218 self.assert_('Logged out' in response.content) |
|
219 self.confirm_logged_out() |
|
220 |
|
221 def test_logout_with_next_page_specified(self): |
|
222 "Logout with next_page option given redirects to specified resource" |
|
223 self.login() |
|
224 response = self.client.get('/logout/next_page/') |
|
225 self.assertEqual(response.status_code, 302) |
|
226 self.assert_(response['Location'].endswith('/somewhere/')) |
|
227 self.confirm_logged_out() |
|
228 |
|
229 def test_logout_with_redirect_argument(self): |
|
230 "Logout with query string redirects to specified resource" |
|
231 self.login() |
|
232 response = self.client.get('/logout/?next=/login/') |
|
233 self.assertEqual(response.status_code, 302) |
|
234 self.assert_(response['Location'].endswith('/login/')) |
|
235 self.confirm_logged_out() |
|
236 |
|
237 def test_logout_with_custom_redirect_argument(self): |
|
238 "Logout with custom query string redirects to specified resource" |
|
239 self.login() |
|
240 response = self.client.get('/logout/custom_query/?follow=/somewhere/') |
|
241 self.assertEqual(response.status_code, 302) |
|
242 self.assert_(response['Location'].endswith('/somewhere/')) |
|
243 self.confirm_logged_out() |