Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Tests for password change process. Thanks, Mike Richardson. Fixed #8402.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@8497 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit abb1c508cc95d5cf55e8ab63d6bafe17ac095f95 1 parent cc95b44
@malcolmt malcolmt authored
View
1  AUTHORS
@@ -330,6 +330,7 @@ answer newbie questions, and generally made Django that much better:
David Reynolds <david@reynoldsfamily.org.uk>
rhettg@gmail.com
ricardojbarrios@gmail.com
+ Mike Richardson
Matt Riggott
Henrique Romano <onaiort@gmail.com>
Armin Ronacher
View
7 django/contrib/auth/tests/__init__.py
@@ -1,11 +1,14 @@
from django.contrib.auth.tests.basic import BASIC_TESTS
-from django.contrib.auth.tests.views import PasswordResetTest
+from django.contrib.auth.tests.views import PasswordResetTest, ChangePasswordTest
from django.contrib.auth.tests.forms import FORM_TESTS
from django.contrib.auth.tests.tokens import TOKEN_GENERATOR_TESTS
+# The password for the fixture data users is 'password'
+
__test__ = {
'BASIC_TESTS': BASIC_TESTS,
'PASSWORDRESET_TESTS': PasswordResetTest,
'FORM_TESTS': FORM_TESTS,
- 'TOKEN_GENERATOR_TESTS': TOKEN_GENERATOR_TESTS
+ 'TOKEN_GENERATOR_TESTS': TOKEN_GENERATOR_TESTS,
+ 'CHANGEPASSWORD_TESTS': ChangePasswordTest,
}
View
1  django/contrib/auth/tests/templates/registration/login.html
@@ -0,0 +1 @@
+{{ form.as_ul }}
View
92 django/contrib/auth/tests/views.py
@@ -1,5 +1,8 @@
+import os
import re
+
+from django.conf import settings
from django.contrib.auth.models import User
from django.test import TestCase
from django.core import mail
@@ -7,7 +10,7 @@
class PasswordResetTest(TestCase):
fixtures = ['authtestdata.json']
urls = 'django.contrib.auth.urls'
-
+
def test_email_not_found(self):
"Error is raised if the provided email address isn't currently registered"
response = self.client.get('/password_reset/')
@@ -15,7 +18,7 @@ def test_email_not_found(self):
response = self.client.post('/password_reset/', {'email': 'not_a_real_email@email.com'})
self.assertContains(response, "That e-mail address doesn't have an associated user account")
self.assertEquals(len(mail.outbox), 0)
-
+
def test_email_found(self):
"Email is sent if a valid email address is provided for password reset"
response = self.client.post('/password_reset/', {'email': 'staffmember@example.com'})
@@ -39,7 +42,7 @@ def test_confirm_valid(self):
url, path = self._test_confirm_start()
response = self.client.get(path)
# redirect to a 'complete' page:
- self.assertEquals(response.status_code, 200)
+ self.assertEquals(response.status_code, 200)
self.assert_("Please enter your new password" in response.content)
def test_confirm_invalid(self):
@@ -49,7 +52,7 @@ def test_confirm_invalid(self):
path = path[:-5] + ("0"*4) + path[-1]
response = self.client.get(path)
- self.assertEquals(response.status_code, 200)
+ self.assertEquals(response.status_code, 200)
self.assert_("The password reset link was invalid" in response.content)
def test_confirm_invalid_post(self):
@@ -60,7 +63,7 @@ def test_confirm_invalid_post(self):
response = self.client.post(path, {'new_password1': 'anewpassword',
'new_password2':' anewpassword'})
- # Check the password has not been changed
+ # Check the password has not been changed
u = User.objects.get(email='staffmember@example.com')
self.assert_(not u.check_password("anewpassword"))
@@ -69,14 +72,14 @@ def test_confirm_complete(self):
response = self.client.post(path, {'new_password1': 'anewpassword',
'new_password2': 'anewpassword'})
# It redirects us to a 'complete' page:
- self.assertEquals(response.status_code, 302)
- # Check the password has been changed
+ self.assertEquals(response.status_code, 302)
+ # Check the password has been changed
u = User.objects.get(email='staffmember@example.com')
self.assert_(u.check_password("anewpassword"))
# Check we can't use the link again
response = self.client.get(path)
- self.assertEquals(response.status_code, 200)
+ self.assertEquals(response.status_code, 200)
self.assert_("The password reset link was invalid" in response.content)
def test_confirm_different_passwords(self):
@@ -86,3 +89,76 @@ def test_confirm_different_passwords(self):
self.assertEquals(response.status_code, 200)
self.assert_("The two password fields didn't match" in response.content)
+
+class ChangePasswordTest(TestCase):
+ fixtures = ['authtestdata.json']
+ urls = 'django.contrib.auth.urls'
+
+ def setUp(self):
+ self.old_TEMPLATE_DIRS = settings.TEMPLATE_DIRS
+ settings.TEMPLATE_DIRS = (
+ os.path.join(
+ os.path.dirname(__file__),
+ 'templates'
+ )
+ ,)
+
+ def tearDown(self):
+ settings.TEMPLATE_DIRS = self.old_TEMPLATE_DIRS
+
+ def login(self, password='password'):
+ response = self.client.post('/login/', {
+ 'username': 'testclient',
+ 'password': password
+ }
+ )
+ self.assertEquals(response.status_code, 302)
+ self.assert_(response['Location'].endswith('/accounts/profile/'))
+
+ def fail_login(self, password='password'):
+ response = self.client.post('/login/', {
+ 'username': 'testclient',
+ 'password': password
+ }
+ )
+ self.assertEquals(response.status_code, 200)
+ self.assert_("Please enter a correct username and password. Note that both fields are case-sensitive." in response.content)
+
+ def logout(self):
+ response = self.client.get('/logout/')
+
+ def test_password_change_fails_with_invalid_old_password(self):
+ self.login()
+ response = self.client.post('/password_change/', {
+ 'old_password': 'donuts',
+ 'new_password1': 'password1',
+ 'new_password2': 'password1',
+ }
+ )
+ self.assertEquals(response.status_code, 200)
+ self.assert_("Your old password was entered incorrectly. Please enter it again." in response.content)
+
+ def test_password_change_fails_with_mismatched_passwords(self):
+ self.login()
+ response = self.client.post('/password_change/', {
+ 'old_password': 'password',
+ 'new_password1': 'password1',
+ 'new_password2': 'donuts',
+ }
+ )
+ self.assertEquals(response.status_code, 200)
+ self.assert_("The two password fields didn't match." in response.content)
+
+ def test_password_change_succeeds(self):
+ self.login()
+ response = self.client.post('/password_change/', {
+ 'old_password': 'password',
+ 'new_password1': 'password1',
+ 'new_password2': 'password1',
+ }
+ )
+ self.assertEquals(response.status_code, 302)
+ self.assert_(response['Location'].endswith('/password_change/done/'))
+ self.fail_login()
+ self.login(password='password1')
+
View
1  django/contrib/auth/urls.py
@@ -5,6 +5,7 @@
from django.conf.urls.defaults import *
urlpatterns = patterns('',
+ (r'^login/$', 'django.contrib.auth.views.login'),
(r'^logout/$', 'django.contrib.auth.views.logout'),
(r'^password_change/$', 'django.contrib.auth.views.password_change'),
(r'^password_change/done/$', 'django.contrib.auth.views.password_change_done'),
Please sign in to comment.
Something went wrong with that request. Please try again.