innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity

Added tests for signing non-string values and updated docs.

This commit is contained in:
Claude Paroz 2020-01-30 10:31:47 +01:00 committed by Mariusz Felisiak
parent 579f33eb79
commit 8c0c0235b6
2 changed files with 24 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
docs/topics/signing.txt
View File

@ -53,6 +53,15 @@ You can retrieve the original value using the ``unsign`` method::
>>> original >>> original
'My string' 'My string'
If you pass a non-string value to ``sign``, the value will be forced to string
before being signed, and the ``unsign`` result will give you that string
value::
>>> signed = signer.sign(2.5)
>>> original = signer.unsign(signed)
>>> original
'2.5'
If the signature or value have been altered in any way, a If the signature or value have been altered in any way, a
``django.core.signing.BadSignature`` exception will be raised:: ``django.core.signing.BadSignature`` exception will be raised::

15
tests/signing/tests.py
View File

@ -49,6 +49,21 @@ class TestSigner(SimpleTestCase):
self.assertNotEqual(example, signed) self.assertNotEqual(example, signed)
self.assertEqual(example, signer.unsign(signed)) self.assertEqual(example, signer.unsign(signed))
def test_sign_unsign_non_string(self):
signer = signing.Signer('predictable-secret')
values = [
123,
1.23,
True,
datetime.date.today(),
]
for value in values:
with self.subTest(value):
signed = signer.sign(value)
self.assertIsInstance(signed, str)
self.assertNotEqual(signed, value)
self.assertEqual(signer.unsign(signed), str(value))
def test_unsign_detects_tampering(self): def test_unsign_detects_tampering(self):
"unsign should raise an exception if the value has been tampered with" "unsign should raise an exception if the value has been tampered with"
signer = signing.Signer('predictable-secret') signer = signing.Signer('predictable-secret')