diff --git a/django/contrib/auth/handlers/modwsgi.py b/django/contrib/auth/handlers/modwsgi.py index 3229c6714b..5ee4d609f7 100644 --- a/django/contrib/auth/handlers/modwsgi.py +++ b/django/contrib/auth/handlers/modwsgi.py @@ -21,17 +21,12 @@ def check_password(environ, username, password): user = UserModel.objects.get_by_natural_key(username) except UserModel.DoesNotExist: return None - try: - if not user.is_active: - return None - except AttributeError as e: - # a custom user may not support is_active + if not user.is_active: return None return user.check_password(password) finally: db.close_connection() - def groups_for_user(environ, username): """ Authorizes a user based on groups diff --git a/django/contrib/auth/tests/handlers.py b/django/contrib/auth/tests/handlers.py index 4b36ba3c13..04ab46f75b 100644 --- a/django/contrib/auth/tests/handlers.py +++ b/django/contrib/auth/tests/handlers.py @@ -2,31 +2,23 @@ from __future__ import unicode_literals from django.contrib.auth.handlers.modwsgi import check_password, groups_for_user from django.contrib.auth.models import User, Group +from django.contrib.auth.tests import CustomUser from django.contrib.auth.tests.utils import skipIfCustomUser from django.test import TransactionTestCase +from django.test.utils import override_settings class ModWsgiHandlerTestCase(TransactionTestCase): """ Tests for the mod_wsgi authentication handler """ - - def setUp(self): - user1 = User.objects.create_user('test', 'test@example.com', 'test') - User.objects.create_user('test1', 'test1@example.com', 'test1') - group = Group.objects.create(name='test_group') - user1.groups.add(group) - @skipIfCustomUser def test_check_password(self): """ Verify that check_password returns the correct values as per http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms#Apache_Authentication_Provider - - because the custom user available in the test framework does not - support the is_active attribute, we can't test this with a custom - user. """ + User.objects.create_user('test', 'test@example.com', 'test') # User not in database self.assertTrue(check_password({}, 'unknown', '') is None) @@ -34,15 +26,43 @@ class ModWsgiHandlerTestCase(TransactionTestCase): # Valid user with correct password self.assertTrue(check_password({}, 'test', 'test')) + # correct password, but user is inactive + User.objects.filter(username='test').update(is_active=False) + self.assertFalse(check_password({}, 'test', 'test')) + # Valid user with incorrect password self.assertFalse(check_password({}, 'test', 'incorrect')) + @override_settings(AUTH_USER_MODEL='auth.CustomUser') + def test_check_password_custom_user(self): + """ + Verify that check_password returns the correct values as per + http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms#Apache_Authentication_Provider + + with custom user installed + """ + + CustomUser.objects.create_user('test@example.com', '1990-01-01', 'test') + + # User not in database + self.assertTrue(check_password({}, 'unknown', '') is None) + + # Valid user with correct password' + self.assertTrue(check_password({}, 'test@example.com', 'test')) + + # Valid user with incorrect password + self.assertFalse(check_password({}, 'test@example.com', 'incorrect')) + @skipIfCustomUser def test_groups_for_user(self): """ Check that groups_for_user returns correct values as per http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms#Apache_Group_Authorisation """ + user1 = User.objects.create_user('test', 'test@example.com', 'test') + User.objects.create_user('test1', 'test1@example.com', 'test1') + group = Group.objects.create(name='test_group') + user1.groups.add(group) # User not in database self.assertEqual(groups_for_user({}, 'unknown'), [])