-
Notifications
You must be signed in to change notification settings - Fork 13
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
9 changed files
with
172 additions
and
78 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
<!doctype html> | ||
<html lang="en"> | ||
<head> | ||
<meta charset="utf-8"> | ||
|
||
<title>Django MagicLink Login sent - Please override this template</title> | ||
<meta name="description" content="Django MagicLink"> | ||
<meta name="author" content="Django MagicLink"> | ||
</head> | ||
|
||
<body> | ||
<h1>Login failed</h1> | ||
<p>It was not possible to log you in</p> | ||
<p>This could be due to one of the following reasons:</p> | ||
<ul> | ||
<li>The URL you are trying to use is malformed</li> | ||
<li>The magic link you tried to use has expired</li> | ||
<li>You have already used this magic link to login before</li> | ||
{% if ONE_TOKEN_PER_USER %} | ||
<li>You have requested another magic causing this magic link to become invalid</li> | ||
{% endif %} | ||
{% if REQUIRE_SAME_BROWSER %} | ||
<li>You are using a different browser to when you requested the login link</li> | ||
{% endif %} | ||
{% if REQUIRE_SAME_IP %} | ||
<li>You are trying to login from a different location or machine that you requested the login link from</li> | ||
{% endif %} | ||
{% if not ALLOW_SUPERUSER_LOGIN or not ALLOW_STAFF_LOGIN %} | ||
<li>You are a superuser or staff user</li> | ||
{% endif %} | ||
</ul> | ||
|
||
<p>If you are seeing this you have not yet overridden the 'MAGICLINK_LOGIN_FAILED_TEMPLATE_NAME' setting yet.</p> | ||
<p>Please see the <a href="https://github.com/pyepye/django-magiclink">README on Github</a> for more details on setting up django-magiclink correctly</p> | ||
</body> | ||
</html> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,85 @@ | ||
from importlib import reload | ||
from urllib.parse import urlencode | ||
|
||
import pytest | ||
from django.contrib.auth import get_user_model | ||
from django.http import HttpRequest | ||
from django.http.cookie import SimpleCookie | ||
from django.urls import reverse | ||
|
||
from .fixtures import magic_link, user # NOQA: F401 | ||
|
||
User = get_user_model() | ||
|
||
|
||
@pytest.mark.django_db | ||
def test_login_verify(client, settings, user, magic_link): # NOQA: F811 | ||
url = reverse('magiclink:login_verify') | ||
request = HttpRequest() | ||
ml = magic_link(request) | ||
ml.ip_address = '127.0.0.1' # This is a little hacky | ||
ml.save() | ||
|
||
params = {'token': ml.token} | ||
params['email'] = ml.email | ||
query = urlencode(params) | ||
url = f'{url}?{query}' | ||
|
||
cookie_name = f'magiclink{ml.pk}' | ||
client.cookies = SimpleCookie({cookie_name: ml.cookie_value}) | ||
response = client.get(url) | ||
assert response.status_code == 302 | ||
assert response.url == reverse(settings.LOGIN_REDIRECT_URL) | ||
assert client.cookies[cookie_name].value == '' | ||
assert client.cookies[cookie_name]['expires'].startswith('Thu, 01 Jan 1970') # NOQA: E501 | ||
|
||
needs_login_url = reverse('needs_login') | ||
needs_login_response = client.get(needs_login_url) | ||
assert needs_login_response.status_code == 200 | ||
|
||
|
||
@pytest.mark.django_db | ||
def test_login_verify_with_redirect(client, settings, user, magic_link): # NOQA: F811, E501 | ||
url = reverse('magiclink:login_verify') | ||
request = HttpRequest() | ||
request.META['SERVER_NAME'] = '127.0.0.1' | ||
request.META['SERVER_PORT'] = 80 | ||
ml = magic_link(request) | ||
ml.ip_address = '127.0.0.1' # This is a little hacky | ||
redirect_url = reverse('no_login') | ||
ml.redirect_url = redirect_url | ||
ml.save() | ||
url = ml.generate_url(request) | ||
|
||
client.cookies = SimpleCookie({f'magiclink{ml.pk}': ml.cookie_value}) | ||
response = client.get(url) | ||
assert response.status_code == 302 | ||
assert response.url == redirect_url | ||
|
||
|
||
@pytest.mark.django_db | ||
def test_login_verify_failed(client, settings): | ||
settings.MAGICLINK_MAGICLINK_LOGIN_FAILED_TEMPLATE_NAME = 'magiclink/login_failed.html' # NOQA: E501 | ||
from magiclink import settings as mlsettings | ||
reload(mlsettings) | ||
|
||
url = reverse('magiclink:login_verify') | ||
response = client.get(url) | ||
assert response.status_code == 200 | ||
context = response.context_data | ||
assert context['ONE_TOKEN_PER_USER'] == mlsettings.ONE_TOKEN_PER_USER | ||
assert context['REQUIRE_SAME_BROWSER'] == mlsettings.REQUIRE_SAME_BROWSER | ||
assert context['REQUIRE_SAME_IP'] == mlsettings.REQUIRE_SAME_IP | ||
assert context['ALLOW_SUPERUSER_LOGIN'] == mlsettings.ALLOW_SUPERUSER_LOGIN | ||
assert context['ALLOW_STAFF_LOGIN'] == mlsettings.ALLOW_STAFF_LOGIN | ||
|
||
|
||
@pytest.mark.django_db | ||
def test_login_verify_no_token_404(client, settings): | ||
settings.MAGICLINK_LOGIN_FAILED_TEMPLATE_NAME = '' | ||
from magiclink import settings as mlsettings | ||
reload(mlsettings) | ||
|
||
url = reverse('magiclink:login_verify') | ||
response = client.get(url) | ||
assert response.status_code == 404 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters