Permalink
Browse files

[1.1.X] Fixed #13152 -- Ensure the test client saves the session befo…

…re writing the session key to the cookie, in case the session engine changes the session key.

Backport of r12806 from trunk.

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.1.X@12807 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
1 parent 1685085 commit 9d5fb83b091e28221d9005e4a3662ccf764d7b5b @freakboy3742 freakboy3742 committed Mar 19, 2010
View
6 django/test/client.py
@@ -423,6 +423,9 @@ def login(self, **credentials):
request.session = engine.SessionStore()
login(request, user)
+ # Save the session values.
+ request.session.save()
+
# Set the cookie to represent the session.
session_cookie = settings.SESSION_COOKIE_NAME
self.cookies[session_cookie] = request.session.session_key
@@ -435,9 +438,6 @@ def login(self, **credentials):
}
self.cookies[session_cookie].update(cookie_data)
- # Save the session values.
- request.session.save()
-
return True
else:
return False
View
21 tests/regressiontests/test_client_regress/models.py
@@ -385,6 +385,27 @@ def test_login_different_client(self):
# default client.
self.assertRedirects(response, "http://testserver/test_client_regress/get_view/")
+
+class SessionEngineTests(TestCase):
+ fixtures = ['testdata']
+
+ def setUp(self):
+ self.old_SESSION_ENGINE = settings.SESSION_ENGINE
+ settings.SESSION_ENGINE = 'regressiontests.test_client_regress.session'
+
+ def tearDown(self):
+ settings.SESSION_ENGINE = self.old_SESSION_ENGINE
+
+ def test_login(self):
+ "A session engine that modifies the session key can be used to log in"
+ login = self.client.login(username='testclient', password='password')
+ self.failUnless(login, 'Could not log in')
+
+ # Try to access a login protected page.
+ response = self.client.get("/test_client/login_protected_view/")
+ self.assertEqual(response.status_code, 200)
+ self.assertEqual(response.context['user'].username, 'testclient')
+
class URLEscapingTests(TestCase):
def test_simple_argument_get(self):
"Get a view that has a simple string argument"
View
30 tests/regressiontests/test_client_regress/session.py
@@ -0,0 +1,30 @@
+from django.contrib.sessions.backends.base import SessionBase
+
+class SessionStore(SessionBase):
+ """
+ A simple cookie-based session storage implemenation.
+
+ The session key is actually the session data, pickled and encoded.
+ This means that saving the session will change the session key.
+ """
+ def __init__(self, session_key=None):
+ super(SessionStore, self).__init__(session_key)
+
+ def exists(self, session_key):
+ return False
+
+ def create(self):
+ self.session_key = self.encode({})
+
+ def save(self, must_create=False):
+ self.session_key = self.encode(self._session)
+
+ def delete(self, session_key=None):
+ self.session_key = self.encode({})
+
+ def load(self):
+ try:
+ return self.decode(self.session_key)
+ except:
+ self.modified = True
+ return {}

0 comments on commit 9d5fb83

Please sign in to comment.