|
|
@@ -274,45 +274,38 @@ class PasswordResetTest(AuthViewsTestCase):
|
|
|
|
|
|
def test_reset_redirect_default(self):
|
|
|
response = self.client.post('/password_reset/', {'email': 'staffmember@example.com'})
|
|
|
- self.assertEqual(response.status_code, 302)
|
|
|
- self.assertURLEqual(response.url, '/password_reset/done/')
|
|
|
+ self.assertRedirects(response, '/password_reset/done/', fetch_redirect_response=False)
|
|
|
|
|
|
def test_reset_custom_redirect(self):
|
|
|
response = self.client.post('/password_reset/custom_redirect/', {'email': 'staffmember@example.com'})
|
|
|
- self.assertEqual(response.status_code, 302)
|
|
|
- self.assertURLEqual(response.url, '/custom/')
|
|
|
+ self.assertRedirects(response, '/custom/', fetch_redirect_response=False)
|
|
|
|
|
|
def test_reset_custom_redirect_named(self):
|
|
|
response = self.client.post('/password_reset/custom_redirect/named/', {'email': 'staffmember@example.com'})
|
|
|
- self.assertEqual(response.status_code, 302)
|
|
|
- self.assertURLEqual(response.url, '/password_reset/')
|
|
|
+ self.assertRedirects(response, '/password_reset/', fetch_redirect_response=False)
|
|
|
|
|
|
def test_confirm_redirect_default(self):
|
|
|
url, path = self._test_confirm_start()
|
|
|
response = self.client.post(path, {'new_password1': 'anewpassword', 'new_password2': 'anewpassword'})
|
|
|
- self.assertEqual(response.status_code, 302)
|
|
|
- self.assertURLEqual(response.url, '/reset/done/')
|
|
|
+ self.assertRedirects(response, '/reset/done/', fetch_redirect_response=False)
|
|
|
|
|
|
def test_confirm_redirect_custom(self):
|
|
|
url, path = self._test_confirm_start()
|
|
|
path = path.replace('/reset/', '/reset/custom/')
|
|
|
response = self.client.post(path, {'new_password1': 'anewpassword', 'new_password2': 'anewpassword'})
|
|
|
- self.assertEqual(response.status_code, 302)
|
|
|
- self.assertURLEqual(response.url, '/custom/')
|
|
|
+ self.assertRedirects(response, '/custom/', fetch_redirect_response=False)
|
|
|
|
|
|
def test_confirm_redirect_custom_named(self):
|
|
|
url, path = self._test_confirm_start()
|
|
|
path = path.replace('/reset/', '/reset/custom/named/')
|
|
|
response = self.client.post(path, {'new_password1': 'anewpassword', 'new_password2': 'anewpassword'})
|
|
|
- self.assertEqual(response.status_code, 302)
|
|
|
- self.assertURLEqual(response.url, '/password_reset/')
|
|
|
+ self.assertRedirects(response, '/password_reset/', fetch_redirect_response=False)
|
|
|
|
|
|
def test_confirm_login_post_reset(self):
|
|
|
url, path = self._test_confirm_start()
|
|
|
path = path.replace('/reset/', '/reset/post_reset_login/')
|
|
|
response = self.client.post(path, {'new_password1': 'anewpassword', 'new_password2': 'anewpassword'})
|
|
|
- self.assertEqual(response.status_code, 302)
|
|
|
- self.assertURLEqual(response.url, '/reset/done/')
|
|
|
+ self.assertRedirects(response, '/reset/done/', fetch_redirect_response=False)
|
|
|
self.assertIn(SESSION_KEY, self.client.session)
|
|
|
|
|
|
def test_confirm_display_user_from_form(self):
|
|
|
@@ -432,14 +425,12 @@ class ChangePasswordTest(AuthViewsTestCase):
|
|
|
'new_password1': 'password1',
|
|
|
'new_password2': 'password1',
|
|
|
})
|
|
|
- self.assertEqual(response.status_code, 302)
|
|
|
- self.assertURLEqual(response.url, '/password_change/done/')
|
|
|
+ self.assertRedirects(response, '/password_change/done/', fetch_redirect_response=False)
|
|
|
|
|
|
@override_settings(LOGIN_URL='/login/')
|
|
|
def test_password_change_done_fails(self):
|
|
|
response = self.client.get('/password_change/done/')
|
|
|
- self.assertEqual(response.status_code, 302)
|
|
|
- self.assertURLEqual(response.url, '/login/?next=/password_change/done/')
|
|
|
+ self.assertRedirects(response, '/login/?next=/password_change/done/', fetch_redirect_response=False)
|
|
|
|
|
|
def test_password_change_redirect_default(self):
|
|
|
self.login()
|
|
|
@@ -448,8 +439,7 @@ class ChangePasswordTest(AuthViewsTestCase):
|
|
|
'new_password1': 'password1',
|
|
|
'new_password2': 'password1',
|
|
|
})
|
|
|
- self.assertEqual(response.status_code, 302)
|
|
|
- self.assertURLEqual(response.url, '/password_change/done/')
|
|
|
+ self.assertRedirects(response, '/password_change/done/', fetch_redirect_response=False)
|
|
|
|
|
|
def test_password_change_redirect_custom(self):
|
|
|
self.login()
|
|
|
@@ -458,8 +448,7 @@ class ChangePasswordTest(AuthViewsTestCase):
|
|
|
'new_password1': 'password1',
|
|
|
'new_password2': 'password1',
|
|
|
})
|
|
|
- self.assertEqual(response.status_code, 302)
|
|
|
- self.assertURLEqual(response.url, '/custom/')
|
|
|
+ self.assertRedirects(response, '/custom/', fetch_redirect_response=False)
|
|
|
|
|
|
def test_password_change_redirect_custom_named(self):
|
|
|
self.login()
|
|
|
@@ -468,8 +457,7 @@ class ChangePasswordTest(AuthViewsTestCase):
|
|
|
'new_password1': 'password1',
|
|
|
'new_password2': 'password1',
|
|
|
})
|
|
|
- self.assertEqual(response.status_code, 302)
|
|
|
- self.assertURLEqual(response.url, '/password_reset/')
|
|
|
+ self.assertRedirects(response, '/password_reset/', fetch_redirect_response=False)
|
|
|
|
|
|
|
|
|
class SessionAuthenticationTests(AuthViewsTestCase):
|
|
|
@@ -704,8 +692,7 @@ class LoginRedirectUrlTest(AuthViewsTestCase):
|
|
|
"""Tests for settings.LOGIN_REDIRECT_URL."""
|
|
|
def assertLoginRedirectURLEqual(self, url):
|
|
|
response = self.login()
|
|
|
- self.assertEqual(response.status_code, 302)
|
|
|
- self.assertURLEqual(response.url, url)
|
|
|
+ self.assertRedirects(response, url, fetch_redirect_response=False)
|
|
|
|
|
|
def test_default(self):
|
|
|
self.assertLoginRedirectURLEqual('/accounts/profile/')
|
|
|
@@ -830,8 +817,7 @@ class LoginSuccessURLAllowedHostsTest(AuthViewsTestCase):
|
|
|
'next': 'https://testserver/home',
|
|
|
})
|
|
|
self.assertIn(SESSION_KEY, self.client.session)
|
|
|
- self.assertEqual(response.status_code, 302)
|
|
|
- self.assertURLEqual(response.url, 'https://testserver/home')
|
|
|
+ self.assertRedirects(response, 'https://testserver/home', fetch_redirect_response=False)
|
|
|
|
|
|
def test_success_url_allowed_hosts_safe_host(self):
|
|
|
response = self.client.post('/login/allowed_hosts/', {
|
|
|
@@ -840,8 +826,7 @@ class LoginSuccessURLAllowedHostsTest(AuthViewsTestCase):
|
|
|
'next': 'https://otherserver/home',
|
|
|
})
|
|
|
self.assertIn(SESSION_KEY, self.client.session)
|
|
|
- self.assertEqual(response.status_code, 302)
|
|
|
- self.assertURLEqual(response.url, 'https://otherserver/home')
|
|
|
+ self.assertRedirects(response, 'https://otherserver/home', fetch_redirect_response=False)
|
|
|
|
|
|
def test_success_url_allowed_hosts_unsafe_host(self):
|
|
|
response = self.client.post('/login/allowed_hosts/', {
|
|
|
@@ -850,8 +835,7 @@ class LoginSuccessURLAllowedHostsTest(AuthViewsTestCase):
|
|
|
'next': 'https://evil/home',
|
|
|
})
|
|
|
self.assertIn(SESSION_KEY, self.client.session)
|
|
|
- self.assertEqual(response.status_code, 302)
|
|
|
- self.assertURLEqual(response.url, '/accounts/profile/')
|
|
|
+ self.assertRedirects(response, '/accounts/profile/', fetch_redirect_response=False)
|
|
|
|
|
|
|
|
|
class LogoutTest(AuthViewsTestCase):
|
|
|
@@ -884,12 +868,10 @@ class LogoutTest(AuthViewsTestCase):
|
|
|
# Bug 11223
|
|
|
self.login()
|
|
|
response = self.client.get('/logout/next_page/')
|
|
|
- self.assertEqual(response.status_code, 302)
|
|
|
- self.assertURLEqual(response.url, '/somewhere/')
|
|
|
+ self.assertRedirects(response, '/somewhere/', fetch_redirect_response=False)
|
|
|
|
|
|
response = self.client.get('/logout/next_page/?next=/login/')
|
|
|
- self.assertEqual(response.status_code, 302)
|
|
|
- self.assertURLEqual(response.url, '/login/')
|
|
|
+ self.assertRedirects(response, '/login/', fetch_redirect_response=False)
|
|
|
|
|
|
self.confirm_logged_out()
|
|
|
|
|
|
@@ -897,53 +879,46 @@ class LogoutTest(AuthViewsTestCase):
|
|
|
"Logout with next_page option given redirects to specified resource"
|
|
|
self.login()
|
|
|
response = self.client.get('/logout/next_page/')
|
|
|
- self.assertEqual(response.status_code, 302)
|
|
|
- self.assertURLEqual(response.url, '/somewhere/')
|
|
|
+ self.assertRedirects(response, '/somewhere/', fetch_redirect_response=False)
|
|
|
self.confirm_logged_out()
|
|
|
|
|
|
def test_logout_with_redirect_argument(self):
|
|
|
"Logout with query string redirects to specified resource"
|
|
|
self.login()
|
|
|
response = self.client.get('/logout/?next=/login/')
|
|
|
- self.assertEqual(response.status_code, 302)
|
|
|
- self.assertURLEqual(response.url, '/login/')
|
|
|
+ self.assertRedirects(response, '/login/', fetch_redirect_response=False)
|
|
|
self.confirm_logged_out()
|
|
|
|
|
|
def test_logout_with_custom_redirect_argument(self):
|
|
|
"Logout with custom query string redirects to specified resource"
|
|
|
self.login()
|
|
|
response = self.client.get('/logout/custom_query/?follow=/somewhere/')
|
|
|
- self.assertEqual(response.status_code, 302)
|
|
|
- self.assertURLEqual(response.url, '/somewhere/')
|
|
|
+ self.assertRedirects(response, '/somewhere/', fetch_redirect_response=False)
|
|
|
self.confirm_logged_out()
|
|
|
|
|
|
def test_logout_with_named_redirect(self):
|
|
|
"Logout resolves names or URLs passed as next_page."
|
|
|
self.login()
|
|
|
response = self.client.get('/logout/next_page/named/')
|
|
|
- self.assertEqual(response.status_code, 302)
|
|
|
- self.assertURLEqual(response.url, '/password_reset/')
|
|
|
+ self.assertRedirects(response, '/password_reset/', fetch_redirect_response=False)
|
|
|
self.confirm_logged_out()
|
|
|
|
|
|
def test_success_url_allowed_hosts_same_host(self):
|
|
|
self.login()
|
|
|
response = self.client.get('/logout/allowed_hosts/?next=https://testserver/')
|
|
|
- self.assertEqual(response.status_code, 302)
|
|
|
- self.assertURLEqual(response.url, 'https://testserver/')
|
|
|
+ self.assertRedirects(response, 'https://testserver/', fetch_redirect_response=False)
|
|
|
self.confirm_logged_out()
|
|
|
|
|
|
def test_success_url_allowed_hosts_safe_host(self):
|
|
|
self.login()
|
|
|
response = self.client.get('/logout/allowed_hosts/?next=https://otherserver/')
|
|
|
- self.assertEqual(response.status_code, 302)
|
|
|
- self.assertURLEqual(response.url, 'https://otherserver/')
|
|
|
+ self.assertRedirects(response, 'https://otherserver/', fetch_redirect_response=False)
|
|
|
self.confirm_logged_out()
|
|
|
|
|
|
def test_success_url_allowed_hosts_unsafe_host(self):
|
|
|
self.login()
|
|
|
response = self.client.get('/logout/allowed_hosts/?next=https://evil/')
|
|
|
- self.assertEqual(response.status_code, 302)
|
|
|
- self.assertURLEqual(response.url, '/logout/allowed_hosts/')
|
|
|
+ self.assertRedirects(response, '/logout/allowed_hosts/', fetch_redirect_response=False)
|
|
|
self.confirm_logged_out()
|
|
|
|
|
|
def test_security_check(self):
|
|
|
@@ -999,9 +974,7 @@ class LogoutTest(AuthViewsTestCase):
|
|
|
}
|
|
|
self.login()
|
|
|
response = self.client.get(url, secure=True)
|
|
|
- self.assertEqual(response.status_code, 302)
|
|
|
- self.assertNotEqual(response.url, non_https_next_url)
|
|
|
- self.assertEqual(response.url, logout_url)
|
|
|
+ self.assertRedirects(response, logout_url, fetch_redirect_response=False)
|
|
|
self.confirm_logged_out()
|
|
|
|
|
|
def test_logout_preserve_language(self):
|
Tim Graham