diff --git a/django/contrib/auth/tests/__init__.py b/django/contrib/auth/tests/__init__.py index bc67d16d866..98061a157a8 100644 --- a/django/contrib/auth/tests/__init__.py +++ b/django/contrib/auth/tests/__init__.py @@ -5,12 +5,8 @@ from django.contrib.auth.tests.forms import UserCreationFormTest, Authentication from django.contrib.auth.tests.remote_user \ import RemoteUserTest, RemoteUserNoCreateTest, RemoteUserCustomTest from django.contrib.auth.tests.models import ProfileTestCase -from django.contrib.auth.tests.tokens import TOKEN_GENERATOR_TESTS +from django.contrib.auth.tests.tokens import TokenGeneratorTest from django.contrib.auth.tests.views \ import PasswordResetTest, ChangePasswordTest, LoginTest, LogoutTest # The password for the fixture data users is 'password' - -__test__ = { - 'TOKEN_GENERATOR_TESTS': TOKEN_GENERATOR_TESTS, -} diff --git a/django/contrib/auth/tests/tokens.py b/django/contrib/auth/tests/tokens.py index 03cc1e3c114..e9e90493be2 100644 --- a/django/contrib/auth/tests/tokens.py +++ b/django/contrib/auth/tests/tokens.py @@ -1,37 +1,52 @@ -TOKEN_GENERATOR_TESTS = """ ->>> from django.contrib.auth.models import User, AnonymousUser ->>> from django.contrib.auth.tokens import PasswordResetTokenGenerator ->>> from django.conf import settings ->>> u = User.objects.create_user('tokentestuser', 'test2@example.com', 'testpw') ->>> p0 = PasswordResetTokenGenerator() ->>> tk1 = p0.make_token(u) ->>> p0.check_token(u, tk1) -True +from datetime import date, timedelta ->>> u = User.objects.create_user('comebackkid', 'test3@example.com', 'testpw') ->>> p0 = PasswordResetTokenGenerator() ->>> tk1 = p0.make_token(u) ->>> reload = User.objects.get(username='comebackkid') ->>> tk2 = p0.make_token(reload) ->>> tk1 == tk2 -True +from django.conf import settings +from django.contrib.auth.models import User, AnonymousUser +from django.contrib.auth.tokens import PasswordResetTokenGenerator +from django.test import TestCase -Tests to ensure we can use the token after n days, but no greater. -Use a mocked version of PasswordResetTokenGenerator so we can change -the value of 'today' ->>> class Mocked(PasswordResetTokenGenerator): -... def __init__(self, today): -... self._today_val = today -... def _today(self): -... return self._today_val +class TokenGeneratorTest(TestCase): ->>> from datetime import date, timedelta ->>> p1 = Mocked(date.today() + timedelta(settings.PASSWORD_RESET_TIMEOUT_DAYS)) ->>> p1.check_token(u, tk1) -True ->>> p2 = Mocked(date.today() + timedelta(settings.PASSWORD_RESET_TIMEOUT_DAYS + 1)) ->>> p2.check_token(u, tk1) -False + def test_make_token(self): + """ + Ensure that we can make a token and that it is valid + """ + user = User.objects.create_user('tokentestuser', 'test2@example.com', 'testpw') + p0 = PasswordResetTokenGenerator() + tk1 = p0.make_token(user) + self.assertTrue(p0.check_token(user, tk1)) -""" + def test_10265(self): + """ + Ensure that the token generated for a user created in the same request + will work correctly. + """ + # See ticket #10265 + user = User.objects.create_user('comebackkid', 'test3@example.com', 'testpw') + p0 = PasswordResetTokenGenerator() + tk1 = p0.make_token(user) + reload = User.objects.get(username='comebackkid') + tk2 = p0.make_token(reload) + self.assertEqual(tk1, tk2) + + def test_timeout(self): + """ + Ensure we can use the token after n days, but no greater. + """ + # Uses a mocked version of PasswordResetTokenGenerator so we can change + # the value of 'today' + class Mocked(PasswordResetTokenGenerator): + def __init__(self, today): + self._today_val = today + def _today(self): + return self._today_val + + user = User.objects.create_user('tokentestuser', 'test2@example.com', 'testpw') + p0 = PasswordResetTokenGenerator() + tk1 = p0.make_token(user) + p1 = Mocked(date.today() + timedelta(settings.PASSWORD_RESET_TIMEOUT_DAYS)) + self.assertTrue(p1.check_token(user, tk1)) + + p2 = Mocked(date.today() + timedelta(settings.PASSWORD_RESET_TIMEOUT_DAYS + 1)) + self.assertFalse(p2.check_token(user, tk1))