From f081059b45610de00c52810da0f97642292db27a Mon Sep 17 00:00:00 2001
From: Russell Keith-Magee <russell@keith-magee.com>
Date: Fri, 19 Mar 2010 05:42:13 +0000
Subject: [PATCH] Fixed #13152 -- Ensure the test client saves the session
 before writing the session key to the cookie, in case the session engine
 changes the session key.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@12806 bcc190cf-cafb-0310-a4f2-bffc1f526a37
---
 django/test/client.py                         |  6 ++--
 .../test_client_regress/models.py             | 21 +++++++++++++
 .../test_client_regress/session.py            | 30 +++++++++++++++++++
 3 files changed, 54 insertions(+), 3 deletions(-)
 create mode 100644 tests/regressiontests/test_client_regress/session.py

diff --git a/django/test/client.py b/django/test/client.py
index c4537343656..d321f7fd6c6 100644
--- a/django/test/client.py
+++ b/django/test/client.py
@@ -428,6 +428,9 @@ class Client(object):
                 request.session = engine.SessionStore()
             login(request, user)
 
+            # Save the session values.
+            request.session.save()
+
             # Set the cookie to represent the session.
             session_cookie = settings.SESSION_COOKIE_NAME
             self.cookies[session_cookie] = request.session.session_key
@@ -440,9 +443,6 @@ class Client(object):
             }
             self.cookies[session_cookie].update(cookie_data)
 
-            # Save the session values.
-            request.session.save()
-
             return True
         else:
             return False
diff --git a/tests/regressiontests/test_client_regress/models.py b/tests/regressiontests/test_client_regress/models.py
index 9b40591a739..6da7ae4445b 100644
--- a/tests/regressiontests/test_client_regress/models.py
+++ b/tests/regressiontests/test_client_regress/models.py
@@ -493,6 +493,27 @@ class LoginTests(TestCase):
         # default client.
         self.assertRedirects(response, "http://testserver/test_client_regress/get_view/")
 
+
+class SessionEngineTests(TestCase):
+    fixtures = ['testdata']
+
+    def setUp(self):
+        self.old_SESSION_ENGINE = settings.SESSION_ENGINE
+        settings.SESSION_ENGINE = 'regressiontests.test_client_regress.session'
+
+    def tearDown(self):
+        settings.SESSION_ENGINE = self.old_SESSION_ENGINE
+
+    def test_login(self):
+        "A session engine that modifies the session key can be used to log in"
+        login = self.client.login(username='testclient', password='password')
+        self.failUnless(login, 'Could not log in')
+
+        # Try to access a login protected page.
+        response = self.client.get("/test_client/login_protected_view/")
+        self.assertEqual(response.status_code, 200)
+        self.assertEqual(response.context['user'].username, 'testclient')
+
 class URLEscapingTests(TestCase):
     def test_simple_argument_get(self):
         "Get a view that has a simple string argument"
diff --git a/tests/regressiontests/test_client_regress/session.py b/tests/regressiontests/test_client_regress/session.py
new file mode 100644
index 00000000000..74ae3b68352
--- /dev/null
+++ b/tests/regressiontests/test_client_regress/session.py
@@ -0,0 +1,30 @@
+from django.contrib.sessions.backends.base import SessionBase
+
+class SessionStore(SessionBase):
+    """
+    A simple cookie-based session storage implemenation.
+
+    The session key is actually the session data, pickled and encoded.
+    This means that saving the session will change the session key.
+    """
+    def __init__(self, session_key=None):
+        super(SessionStore, self).__init__(session_key)
+
+    def exists(self, session_key):
+        return False
+
+    def create(self):
+        self.session_key = self.encode({})
+
+    def save(self, must_create=False):
+        self.session_key = self.encode(self._session)
+
+    def delete(self, session_key=None):
+        self.session_key = self.encode({})
+
+    def load(self):
+        try:
+            return self.decode(self.session_key)
+        except:
+            self.modified = True
+            return {}
\ No newline at end of file