Fixed #24315 -- Fixed auth.views.password_reset_confirm() with a UUID user.

2015-02-13 09:12:30 -05:00 · 2015-02-13 09:12:30 -05:00 · 002425fe39
parent fdf20093e0
commit 002425fe39
2 changed files with 25 additions and 2 deletions
--- a/django/contrib/auth/views.py
+++ b/django/contrib/auth/views.py
@ -17,6 +17,7 @@ from django.http import HttpResponseRedirect, QueryDict
 from django.shortcuts import resolve_url
 from django.template.response import TemplateResponse
 from django.utils.deprecation import RemovedInDjango20Warning
+from django.utils.encoding import force_text
 from django.utils.http import is_safe_url, urlsafe_base64_decode
 from django.utils.six.moves.urllib.parse import urlparse, urlunparse
 from django.utils.translation import ugettext as _
@ -230,7 +231,8 @@ def password_reset_confirm(request, uidb64=None, token=None,
    else:
        post_reset_redirect = resolve_url(post_reset_redirect)
    try:
-        uid = urlsafe_base64_decode(uidb64)
+        # urlsafe_base64_decode() decodes to bytestring on Python 3
+        uid = force_text(urlsafe_base64_decode(uidb64))
        user = UserModel._default_manager.get(pk=uid)
    except (TypeError, ValueError, OverflowError, UserModel.DoesNotExist):
        user = None
--- a/tests/auth_tests/test_views.py
+++ b/tests/auth_tests/test_views.py
@ -334,10 +334,11 @@ class PasswordResetTest(AuthViewsTestCase):
@override_settings(AUTH_USER_MODEL='auth.CustomUser')
 class CustomUserPasswordResetTest(AuthViewsTestCase):
    fixtures = ['custom_user.json']
+    user_email = 'staffmember@example.com'

    def _test_confirm_start(self):
        # Start by creating the email
-        response = self.client.post('/password_reset/', {'email': 'staffmember@example.com'})
+        response = self.client.post('/password_reset/', {'email': self.user_email})
        self.assertEqual(response.status_code, 302)
        self.assertEqual(len(mail.outbox), 1)
        return self._read_signup_email(mail.outbox[0])
@ -352,6 +353,26 @@ class CustomUserPasswordResetTest(AuthViewsTestCase):
        response = self.client.get(path)
        # redirect to a 'complete' page:
        self.assertContains(response, "Please enter your new password")
+        # then submit a new password
+        response = self.client.post(path, {
+            'new_password1': 'anewpassword',
+            'new_password2': 'anewpassword',
+        })
+        self.assertRedirects(response, '/reset/done/')
+
+
+@override_settings(AUTH_USER_MODEL='auth.UUIDUser')
+class UUIDUserPasswordResetTest(CustomUserPasswordResetTest):
+    fixtures = None
+
+    def _test_confirm_start(self):
+        # instead of fixture
+        UUIDUser.objects.create_user(
+            email=self.user_email,
+            username='foo',
+            password='foo',
+        )
+        return super(UUIDUserPasswordResetTest, self)._test_confirm_start()


 class ChangePasswordTest(AuthViewsTestCase):