Página Principal Explorar Ajuda
Iniciar Sessão
CityApper
/
django
mirror de https://github.com/django/django
2
0
Fork 0
Ficheiros Problemas 0 Wiki
Árvore: 2d7aca3da0
Ramos Etiquetas
django
/
tests
/
auth_tests
/
test_tokens.py

test_tokens.py 2.5 KB
Histórico Em bruto

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768 
  1. import sys
    2. 

  2. import unittest
    3. 

  3. from datetime import date, timedelta
    4. 

  4. 

  5. from django.conf import settings
    6. 

  6. from django.contrib.auth.models import User
    7. 

  7. from django.contrib.auth.tokens import PasswordResetTokenGenerator
    8. 

  8. from django.test import TestCase
    9. 

  9. 

  10. 

  11. class TokenGeneratorTest(TestCase):
    12. 

  12. 

  13.     def test_make_token(self):
    14. 

  14.         """
    15. 

  15.         Ensure that we can make a token and that it is valid
    16. 

  16.         """
    17. 

  17.         user = User.objects.create_user('tokentestuser', 'test2@example.com', 'testpw')
    18. 

  18.         p0 = PasswordResetTokenGenerator()
    19. 

  19.         tk1 = p0.make_token(user)
    20. 

  20.         self.assertTrue(p0.check_token(user, tk1))
    21. 

  21. 

  22.     def test_10265(self):
    23. 

  23.         """
    24. 

  24.         Ensure that the token generated for a user created in the same request
    25. 

  25.         will work correctly.
    26. 

  26.         """
    27. 

  27.         # See ticket #10265
    28. 

  28.         user = User.objects.create_user('comebackkid', 'test3@example.com', 'testpw')
    29. 

  29.         p0 = PasswordResetTokenGenerator()
    30. 

  30.         tk1 = p0.make_token(user)
    31. 

  31.         reload = User.objects.get(username='comebackkid')
    32. 

  32.         tk2 = p0.make_token(reload)
    33. 

  33.         self.assertEqual(tk1, tk2)
    34. 

  34. 

  35.     def test_timeout(self):
    36. 

  36.         """
    37. 

  37.         Ensure we can use the token after n days, but no greater.
    38. 

  38.         """
    39. 

  39.         # Uses a mocked version of PasswordResetTokenGenerator so we can change
    40. 

  40.         # the value of 'today'
    41. 

  41.         class Mocked(PasswordResetTokenGenerator):
    42. 

  42.             def __init__(self, today):
    43. 

  43.                 self._today_val = today
    44. 

  44. 

  45.             def _today(self):
    46. 

  46.                 return self._today_val
    47. 

  47. 

  48.         user = User.objects.create_user('tokentestuser', 'test2@example.com', 'testpw')
    49. 

  49.         p0 = PasswordResetTokenGenerator()
    50. 

  50.         tk1 = p0.make_token(user)
    51. 

  51.         p1 = Mocked(date.today() + timedelta(settings.PASSWORD_RESET_TIMEOUT_DAYS))
    52. 

  52.         self.assertTrue(p1.check_token(user, tk1))
    53. 

  53. 

  54.         p2 = Mocked(date.today() + timedelta(settings.PASSWORD_RESET_TIMEOUT_DAYS + 1))
    55. 

  55.         self.assertFalse(p2.check_token(user, tk1))
    56. 

  56. 

  57.     @unittest.skipIf(sys.version_info[:2] >= (3, 0), "Unnecessary test with Python 3")
    58. 

  58.     def test_date_length(self):
    59. 

  59.         """
    60. 

  60.         Make sure we don't allow overly long dates, causing a potential DoS.
    61. 

  61.         """
    62. 

  62.         user = User.objects.create_user('ima1337h4x0r', 'test4@example.com', 'p4ssw0rd')
    63. 

  63.         p0 = PasswordResetTokenGenerator()
    64. 

  64. 

  65.         # This will put a 14-digit base36 timestamp into the token, which is too large.
    66. 

  66.         self.assertRaises(ValueError,
    67. 

  67.                           p0._make_token_with_timestamp,
    68. 

  68.                           user, 175455491841851871349)
    69.