Ejemplo n.º 1
0
 def test_offsite_redirects_disallowed(self):
     # The framework ought to make sure the auth mechanism doesn't allow
     # people to craft URLs that will send users to arbitrary places
     # through our site, but there's a hole:
     # https://github.com/omab/django-social-auth/issues/676
     # so we'll do this check ourselves.
     redirect_to = 'http://example.com/hackme'
     self.request = RequestFactory().get('/login',
         {REDIRECT_FIELD_NAME: redirect_to})
     response = login(self.request)
     self.assertNotContains(response, redirect_to)
Ejemplo n.º 2
0
 def test_login_page_renders(self):
     self.request = RequestFactory().request()
     response = login(self.request)
     self.assertTemplateUsed(response, "code_scouts_platform/login.html")
     self.assertContains(response, "Persona", status_code=200)
Ejemplo n.º 3
0
 def test_login_page_includes_redirect_target(self):
     redirect_to = '/redirect_to_here'
     self.request = RequestFactory().get('/login',
         {REDIRECT_FIELD_NAME: redirect_to})
     response = login(self.request)
     self.assertContains(response, redirect_to)