django/tests/auth_tests/test_templates.py

from django.contrib.auth import authenticate
from django.contrib.auth.models import User
from django.contrib.auth.tokens import PasswordResetTokenGenerator
from django.contrib.auth.views import (
    PasswordChangeDoneView, PasswordChangeView, PasswordResetCompleteView,
    PasswordResetDoneView, PasswordResetView,
)
from django.test import RequestFactory, TestCase, override_settings
from django.urls import reverse
from django.utils.http import urlsafe_base64_encode

from .client import PasswordResetConfirmClient


@override_settings(ROOT_URLCONF='auth_tests.urls')
class AuthTemplateTests(TestCase):
    request_factory = RequestFactory()

    @classmethod
    def setUpTestData(cls):
        user = User.objects.create_user('jsmith', 'jsmith@example.com', 'pass')
        user = authenticate(username=user.username, password='pass')
        request = cls.request_factory.get('/somepath/')
        request.user = user
        cls.user, cls.request = user, request

    def test_PasswordResetView(self):
        response = PasswordResetView.as_view(success_url='dummy/')(self.request)
        self.assertContains(response, '<title>Password reset</title>')
        self.assertContains(response, '<h1>Password reset</h1>')

    def test_PasswordResetDoneView(self):
        response = PasswordResetDoneView.as_view()(self.request)
        self.assertContains(response, '<title>Password reset sent</title>')
        self.assertContains(response, '<h1>Password reset sent</h1>')

    def test_PasswordResetConfirmView_invalid_token(self):
        # PasswordResetConfirmView invalid token
        client = PasswordResetConfirmClient()
        url = reverse('password_reset_confirm', kwargs={'uidb64': 'Bad', 'token': 'Bad-Token'})
        response = client.get(url)
        self.assertContains(response, '<title>Password reset unsuccessful</title>')
        self.assertContains(response, '<h1>Password reset unsuccessful</h1>')

    def test_PasswordResetConfirmView_valid_token(self):
        # PasswordResetConfirmView valid token
        client = PasswordResetConfirmClient()
        default_token_generator = PasswordResetTokenGenerator()
        token = default_token_generator.make_token(self.user)
        uidb64 = urlsafe_base64_encode(str(self.user.pk).encode())
        url = reverse('password_reset_confirm', kwargs={'uidb64': uidb64, 'token': token})
        response = client.get(url)
        self.assertContains(response, '<title>Enter new password</title>')
        self.assertContains(response, '<h1>Enter new password</h1>')

    def test_PasswordResetCompleteView(self):
        response = PasswordResetCompleteView.as_view()(self.request)
        self.assertContains(response, '<title>Password reset complete</title>')
        self.assertContains(response, '<h1>Password reset complete</h1>')

    def test_PasswordResetChangeView(self):
        response = PasswordChangeView.as_view(success_url='dummy/')(self.request)
        self.assertContains(response, '<title>Password change</title>')
        self.assertContains(response, '<h1>Password change</h1>')

    def test_PasswordChangeDoneView(self):
        response = PasswordChangeDoneView.as_view()(self.request)
        self.assertContains(response, '<title>Password change successful</title>')
        self.assertContains(response, '<h1>Password change successful</h1>')
Fixed #18511 -- Cleaned up admin password reset template titles. 2012-07-03 17:50:40 +08:00			`from django.contrib.auth import authenticate`
			`from django.contrib.auth.models import User`
			`from django.contrib.auth.tokens import PasswordResetTokenGenerator`
			`from django.contrib.auth.views import (`
Fixed #17209 -- Added password reset/change class-based views Thanks Tim Graham for the review. 2013-04-10 05:31:58 +08:00			`PasswordChangeDoneView, PasswordChangeView, PasswordResetCompleteView,`
Fixed #27518 -- Prevented possibie password reset token leak via HTTP Referer header. Thanks Florian Apolloner for contributing to this patch and Collin Anderson, Markus Holtermann, and Tim Graham for review. 2017-01-13 22:17:54 +08:00			`PasswordResetDoneView, PasswordResetView,`
Fixed #18511 -- Cleaned up admin password reset template titles. 2012-07-03 17:50:40 +08:00			`)`
Sorted imports with isort; refs #23860. 2015-01-28 20:35:27 +08:00			`from django.test import RequestFactory, TestCase, override_settings`
Fixed #27518 -- Prevented possibie password reset token leak via HTTP Referer header. Thanks Florian Apolloner for contributing to this patch and Collin Anderson, Markus Holtermann, and Tim Graham for review. 2017-01-13 22:17:54 +08:00			`from django.urls import reverse`
Fixed #18511 -- Cleaned up admin password reset template titles. 2012-07-03 17:50:40 +08:00			`from django.utils.http import urlsafe_base64_encode`

Fixed #27518 -- Prevented possibie password reset token leak via HTTP Referer header. Thanks Florian Apolloner for contributing to this patch and Collin Anderson, Markus Holtermann, and Tim Graham for review. 2017-01-13 22:17:54 +08:00			`from .client import PasswordResetConfirmClient`

Fixed #18511 -- Cleaned up admin password reset template titles. 2012-07-03 17:50:40 +08:00
Fixed #26175 -- Removed SHA1 password hashes in tests. 2016-02-06 04:56:52 +08:00			`@override_settings(ROOT_URLCONF='auth_tests.urls')`
Fixed #18511 -- Cleaned up admin password reset template titles. 2012-07-03 17:50:40 +08:00			`class AuthTemplateTests(TestCase):`
Made reused RequestFactory instances class attributes. 2018-11-27 03:01:27 +08:00			`request_factory = RequestFactory()`
Fixed #18511 -- Cleaned up admin password reset template titles. 2012-07-03 17:50:40 +08:00
Split AuthTemplateTests into test methods. 2017-01-12 07:12:06 +08:00			`@classmethod`
			`def setUpTestData(cls):`
Fixed #18511 -- Cleaned up admin password reset template titles. 2012-07-03 17:50:40 +08:00			`user = User.objects.create_user('jsmith', 'jsmith@example.com', 'pass')`
			`user = authenticate(username=user.username, password='pass')`
Made reused RequestFactory instances class attributes. 2018-11-27 03:01:27 +08:00			`request = cls.request_factory.get('/somepath/')`
Fixed #18511 -- Cleaned up admin password reset template titles. 2012-07-03 17:50:40 +08:00			`request.user = user`
Split AuthTemplateTests into test methods. 2017-01-12 07:12:06 +08:00			`cls.user, cls.request = user, request`
Fixed #18511 -- Cleaned up admin password reset template titles. 2012-07-03 17:50:40 +08:00
Split AuthTemplateTests into test methods. 2017-01-12 07:12:06 +08:00			`def test_PasswordResetView(self):`
			`response = PasswordResetView.as_view(success_url='dummy/')(self.request)`
Fixed #18511 -- Cleaned up admin password reset template titles. 2012-07-03 17:50:40 +08:00			`self.assertContains(response, '<title>Password reset</title>')`
			`self.assertContains(response, '<h1>Password reset</h1>')`

Split AuthTemplateTests into test methods. 2017-01-12 07:12:06 +08:00			`def test_PasswordResetDoneView(self):`
			`response = PasswordResetDoneView.as_view()(self.request)`
Refs #23793 -- Fixed test failure after password reset messages clarification 2014-11-16 00:05:24 +08:00			`self.assertContains(response, '<title>Password reset sent</title>')`
			`self.assertContains(response, '<h1>Password reset sent</h1>')`
Fixed #18511 -- Cleaned up admin password reset template titles. 2012-07-03 17:50:40 +08:00
Split AuthTemplateTests into test methods. 2017-01-12 07:12:06 +08:00			`def test_PasswordResetConfirmView_invalid_token(self):`
Fixed #17209 -- Added password reset/change class-based views Thanks Tim Graham for the review. 2013-04-10 05:31:58 +08:00			`# PasswordResetConfirmView invalid token`
Fixed #27518 -- Prevented possibie password reset token leak via HTTP Referer header. Thanks Florian Apolloner for contributing to this patch and Collin Anderson, Markus Holtermann, and Tim Graham for review. 2017-01-13 22:17:54 +08:00			`client = PasswordResetConfirmClient()`
			`url = reverse('password_reset_confirm', kwargs={'uidb64': 'Bad', 'token': 'Bad-Token'})`
			`response = client.get(url)`
Fixed #18511 -- Cleaned up admin password reset template titles. 2012-07-03 17:50:40 +08:00			`self.assertContains(response, '<title>Password reset unsuccessful</title>')`
			`self.assertContains(response, '<h1>Password reset unsuccessful</h1>')`

Split AuthTemplateTests into test methods. 2017-01-12 07:12:06 +08:00			`def test_PasswordResetConfirmView_valid_token(self):`
Fixed #17209 -- Added password reset/change class-based views Thanks Tim Graham for the review. 2013-04-10 05:31:58 +08:00			`# PasswordResetConfirmView valid token`
Fixed #27518 -- Prevented possibie password reset token leak via HTTP Referer header. Thanks Florian Apolloner for contributing to this patch and Collin Anderson, Markus Holtermann, and Tim Graham for review. 2017-01-13 22:17:54 +08:00			`client = PasswordResetConfirmClient()`
Fixed #18511 -- Cleaned up admin password reset template titles. 2012-07-03 17:50:40 +08:00			`default_token_generator = PasswordResetTokenGenerator()`
Split AuthTemplateTests into test methods. 2017-01-12 07:12:06 +08:00			`token = default_token_generator.make_token(self.user)`
Refs #27795 -- Removed force_bytes() usage from django/utils/http.py. django.utils.http.urlsafe_base64_encode() now returns a string, not a bytestring. Since URLs are represented as strings, urlsafe_base64_encode() should return a string. All uses immediately decoded the bytestring to a string anyway. As the inverse operation, urlsafe_base64_decode() accepts a string. 2018-10-02 07:18:04 +08:00			`uidb64 = urlsafe_base64_encode(str(self.user.pk).encode())`
Fixed #27518 -- Prevented possibie password reset token leak via HTTP Referer header. Thanks Florian Apolloner for contributing to this patch and Collin Anderson, Markus Holtermann, and Tim Graham for review. 2017-01-13 22:17:54 +08:00			`url = reverse('password_reset_confirm', kwargs={'uidb64': uidb64, 'token': token})`
			`response = client.get(url)`
Fixed #18511 -- Cleaned up admin password reset template titles. 2012-07-03 17:50:40 +08:00			`self.assertContains(response, '<title>Enter new password</title>')`
			`self.assertContains(response, '<h1>Enter new password</h1>')`

Split AuthTemplateTests into test methods. 2017-01-12 07:12:06 +08:00			`def test_PasswordResetCompleteView(self):`
			`response = PasswordResetCompleteView.as_view()(self.request)`
Fixed #18511 -- Cleaned up admin password reset template titles. 2012-07-03 17:50:40 +08:00			`self.assertContains(response, '<title>Password reset complete</title>')`
			`self.assertContains(response, '<h1>Password reset complete</h1>')`

Split AuthTemplateTests into test methods. 2017-01-12 07:12:06 +08:00			`def test_PasswordResetChangeView(self):`
			`response = PasswordChangeView.as_view(success_url='dummy/')(self.request)`
Fixed #18511 -- Cleaned up admin password reset template titles. 2012-07-03 17:50:40 +08:00			`self.assertContains(response, '<title>Password change</title>')`
			`self.assertContains(response, '<h1>Password change</h1>')`

Split AuthTemplateTests into test methods. 2017-01-12 07:12:06 +08:00			`def test_PasswordChangeDoneView(self):`
			`response = PasswordChangeDoneView.as_view()(self.request)`
Fixed #18511 -- Cleaned up admin password reset template titles. 2012-07-03 17:50:40 +08:00			`self.assertContains(response, '<title>Password change successful</title>')`
			`self.assertContains(response, '<h1>Password change successful</h1>')`