Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Fixed #13152 -- Ensure the test client saves the session before writi…

…ng the session key to the cookie, in case the session engine changes the session key.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@12806 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit f081059b45610de00c52810da0f97642292db27a 1 parent 003fe52
@freakboy3742 freakboy3742 authored
View
6 django/test/client.py
@@ -428,6 +428,9 @@ def login(self, **credentials):
request.session = engine.SessionStore()
login(request, user)
+ # Save the session values.
+ request.session.save()
+
# Set the cookie to represent the session.
session_cookie = settings.SESSION_COOKIE_NAME
self.cookies[session_cookie] = request.session.session_key
@@ -440,9 +443,6 @@ def login(self, **credentials):
}
self.cookies[session_cookie].update(cookie_data)
- # Save the session values.
- request.session.save()
-
return True
else:
return False
View
21 tests/regressiontests/test_client_regress/models.py
@@ -493,6 +493,27 @@ def test_login_different_client(self):
# default client.
self.assertRedirects(response, "http://testserver/test_client_regress/get_view/")
+
+class SessionEngineTests(TestCase):
+ fixtures = ['testdata']
+
+ def setUp(self):
+ self.old_SESSION_ENGINE = settings.SESSION_ENGINE
+ settings.SESSION_ENGINE = 'regressiontests.test_client_regress.session'
+
+ def tearDown(self):
+ settings.SESSION_ENGINE = self.old_SESSION_ENGINE
+
+ def test_login(self):
+ "A session engine that modifies the session key can be used to log in"
+ login = self.client.login(username='testclient', password='password')
+ self.failUnless(login, 'Could not log in')
+
+ # Try to access a login protected page.
+ response = self.client.get("/test_client/login_protected_view/")
+ self.assertEqual(response.status_code, 200)
+ self.assertEqual(response.context['user'].username, 'testclient')
+
class URLEscapingTests(TestCase):
def test_simple_argument_get(self):
"Get a view that has a simple string argument"
View
30 tests/regressiontests/test_client_regress/session.py
@@ -0,0 +1,30 @@
+from django.contrib.sessions.backends.base import SessionBase
+
+class SessionStore(SessionBase):
+ """
+ A simple cookie-based session storage implemenation.
+
+ The session key is actually the session data, pickled and encoded.
+ This means that saving the session will change the session key.
+ """
+ def __init__(self, session_key=None):
+ super(SessionStore, self).__init__(session_key)
+
+ def exists(self, session_key):
+ return False
+
+ def create(self):
+ self.session_key = self.encode({})
+
+ def save(self, must_create=False):
+ self.session_key = self.encode(self._session)
+
+ def delete(self, session_key=None):
+ self.session_key = self.encode({})
+
+ def load(self):
+ try:
+ return self.decode(self.session_key)
+ except:
+ self.modified = True
+ return {}
Please sign in to comment.
Something went wrong with that request. Please try again.