Permalink
Browse files

Check activation key expiration

  • Loading branch information...
atodorov committed Aug 7, 2017
1 parent 9bedbc8 commit 92162112bf2214b8eacf37ba3a796414b129a700
Showing with 43 additions and 0 deletions.
  1. +32 −0 tcms/core/contrib/auth/tests.py
  2. +11 −0 tcms/core/contrib/auth/views.py
@@ -183,6 +183,10 @@ def setUpTestData(cls):
email='new-user@example.com',
password='password')
def setUp(self):
self.new_user.is_active = False
self.new_user.save()
def test_fail_if_activation_key_not_exist(self):
confirm_url = reverse('tcms-confirm',
args=['nonexisting-activation-key'])
@@ -197,6 +201,33 @@ def test_fail_if_activation_key_not_exist(self):
'<a href="{}">Continue</a>'.format(reverse('core-views-index')),
html=True)
# user account not activated
user = User.objects.get(username=self.new_user.username)
self.assertFalse(user.is_active)
def test_fail_if_activation_key_expired(self):
fake_activation_key = 'secret-activation-key'
with patch('tcms.core.contrib.auth.models.sha1') as sha1:
sha1.return_value.hexdigest.return_value = fake_activation_key
key = UserActivateKey.set_random_key_for_user(self.new_user)
key.key_expires = datetime.datetime.now() - datetime.timedelta(days=10)
key.save()
confirm_url = reverse('tcms-confirm', args=[fake_activation_key])
response = self.client.get(confirm_url)
self.assertContains(response, 'This key has expired')
self.assertContains(
response,
'<a href="{}">Continue</a>'.format(reverse('core-views-index')),
html=True)
# user account not activated
user = User.objects.get(username=self.new_user.username)
self.assertFalse(user.is_active)
def test_confirm(self):
fake_activate_key = 'secret-activate-key'
@@ -218,6 +249,7 @@ def test_confirm(self):
reverse('tcms-redirect_to_profile')),
html=True)
# user account activated
user = User.objects.get(username=self.new_user.username)
self.assertTrue(user.is_active)
activate_key_deleted = not UserActivateKey.objects.filter(user=user).exists()
@@ -1,5 +1,7 @@
# -*- coding: utf-8 -*-
from datetime import datetime
from django.conf import settings
from django.contrib import auth
from django.core.urlresolvers import reverse
@@ -94,6 +96,15 @@ def confirm(request, activation_key):
next=request.GET.get('next', reverse('core-views-index'))
)
if ak.key_expires <= datetime.now():
msg = 'This key has expired!'
return Prompt.render(
request=request,
info_type=Prompt.Info,
info=msg,
next=request.GET.get('next', reverse('core-views-index'))
)
# All thing done, start to active the user and use the user login
user = ak.user
user.is_active = True

0 comments on commit 9216211

Please sign in to comment.