diff --git a/django/contrib/auth/management/__init__.py b/django/contrib/auth/management/__init__.py index 7abd2abcf4..7dcbfe4746 100644 --- a/django/contrib/auth/management/__init__.py +++ b/django/contrib/auth/management/__init__.py @@ -108,7 +108,7 @@ def get_default_username(check_db=True): default_username = get_system_username() try: default_username = unicodedata.normalize('NFKD', default_username)\ - .encode('ascii', 'ignore').replace(' ', '').lower() + .encode('ascii', 'ignore').decode('ascii').replace(' ', '').lower() except UnicodeDecodeError: return '' if not RE_VALID_USERNAME.match(default_username): diff --git a/django/contrib/auth/tests/tokens.py b/django/contrib/auth/tests/tokens.py index beccfc5d07..44117a4f84 100644 --- a/django/contrib/auth/tests/tokens.py +++ b/django/contrib/auth/tests/tokens.py @@ -1,9 +1,11 @@ +import sys from datetime import date, timedelta from django.conf import settings from django.contrib.auth.models import User from django.contrib.auth.tokens import PasswordResetTokenGenerator from django.test import TestCase +from django.utils import unittest class TokenGeneratorTest(TestCase): @@ -51,6 +53,7 @@ class TokenGeneratorTest(TestCase): p2 = Mocked(date.today() + timedelta(settings.PASSWORD_RESET_TIMEOUT_DAYS + 1)) self.assertFalse(p2.check_token(user, tk1)) + @unittest.skipIf(sys.version_info[:2] >= (3, 0), "Unnecessary test with Python 3") def test_date_length(self): """ Make sure we don't allow overly long dates, causing a potential DoS. diff --git a/django/contrib/auth/views.py b/django/contrib/auth/views.py index ccfc7a1003..c30d6ec6d0 100644 --- a/django/contrib/auth/views.py +++ b/django/contrib/auth/views.py @@ -200,7 +200,7 @@ def password_reset_confirm(request, uidb36=None, token=None, try: uid_int = base36_to_int(uidb36) user = User.objects.get(id=uid_int) - except (ValueError, User.DoesNotExist): + except (ValueError, OverflowError, User.DoesNotExist): user = None if user is not None and token_generator.check_token(user, token):