def test_check_password(self):
"""
Verify that check_password returns the correct values as per
http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms#Apache_Authentication_Provider
"""
# User not in database
self.assertTrue(check_password({}, 'unknown', '') is None)
# Valid user with correct password
self.assertTrue(check_password({}, 'test', 'test'))
# Valid user with incorrect password
self.assertFalse(check_password({}, 'test', 'incorrect'))
def test_check_password(self):
"""
Verify that check_password returns the correct values as per
http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms#Apache_Authentication_Provider
"""
# User not in database
self.assertTrue(check_password({}, 'unknown', '') is None)
# Valid user with correct password
self.assertTrue(check_password({}, 'test', 'test'))
# Valid user with incorrect password
self.assertFalse(check_password({}, 'test', 'incorrect'))
def test_check_password_custom_user(self):
"""
check_password() returns the correct values as per
https://modwsgi.readthedocs.io/en/develop/user-guides/access-control-mechanisms.html#apache-authentication-provider
with a custom user installed.
"""
CustomUser._default_manager.create_user('*****@*****.**', '1990-01-01', 'test')
# User not in database
self.assertIsNone(check_password({}, 'unknown', ''))
# Valid user with correct password'
self.assertTrue(check_password({}, '*****@*****.**', 'test'))
# Valid user with incorrect password
self.assertFalse(check_password({}, '*****@*****.**', 'incorrect'))
def login(request):
if request.method == 'GET':
return render(request, 'user/user_login.html')
if request.method == 'POST':
username = request.POST.get('username')
password = request.POST.get('password')
if not all([username, password]):
data = {'msg': '请填写完整信息'}
if UserModel.objects.filter(username=username).exists():
user = UserModel.objects.get(username=username)
if check_password(password, user.password):
ticket = get_ticket()
res = HttpResponseRedirect(reverse('user:my'))
out_time = datetime.now() + datetime.timedelta(days=1)
res.set_cookie('ticket', ticket, expires=out_time)
UserTicketModel.objects.create(user=user,
ticket=ticket,
out_time=out_time)
return res
else:
data['msg'] = '密码错误'
else:
data = {'msg': '用户名不存在'}
return render(request, 'user/user_login.html', data)
def test_check_password_custom_user(self):
"""
check_password() returns the correct values as per
https://modwsgi.readthedocs.io/en/develop/user-guides/access-control-mechanisms.html#apache-authentication-provider
with a custom user installed.
"""
CustomUser._default_manager.create_user("*****@*****.**",
"1990-01-01", "test")
# User not in database
self.assertIsNone(check_password({}, "unknown", ""))
# Valid user with correct password'
self.assertTrue(check_password({}, "*****@*****.**", "test"))
# Valid user with incorrect password
self.assertFalse(check_password({}, "*****@*****.**", "incorrect"))
def test_check_password_custom_user(self):
"""
Verify that check_password returns the correct values as per
https://modwsgi.readthedocs.org/en/develop/user-guides/access-control-mechanisms.html#apache-authentication-provider
with custom user installed
"""
CustomUser._default_manager.create_user('*****@*****.**', '1990-01-01', 'test')
# User not in database
self.assertIsNone(check_password({}, 'unknown', ''))
# Valid user with correct password'
self.assertTrue(check_password({}, '*****@*****.**', 'test'))
# Valid user with incorrect password
self.assertFalse(check_password({}, '*****@*****.**', 'incorrect'))
def test_check_password(self):
"""
Verify that check_password returns the correct values as per
http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms#Apache_Authentication_Provider
because the custom user available in the test framework does not
support the is_active attribute, we can't test this with a custom
user.
"""
# User not in database
self.assertTrue(check_password({}, 'unknown', '') is None)
# Valid user with correct password
self.assertTrue(check_password({}, 'test', 'test'))
# Valid user with incorrect password
self.assertFalse(check_password({}, 'test', 'incorrect'))
def test_check_password_custom_user(self):
"""
Verify that check_password returns the correct values as per
http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms#Apache_Authentication_Provider
with custom user installed
"""
CustomUser._default_manager.create_user('*****@*****.**', '1990-01-01', 'test')
# User not in database
self.assertIsNone(check_password({}, 'unknown', ''))
# Valid user with correct password'
self.assertTrue(check_password({}, '*****@*****.**', 'test'))
# Valid user with incorrect password
self.assertFalse(check_password({}, '*****@*****.**', 'incorrect'))
def test_check_password(self):
"""
Verify that check_password returns the correct values as per
http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms#Apache_Authentication_Provider
because the custom user available in the test framework does not
support the is_active attribute, we can't test this with a custom
user.
"""
# User not in database
self.assertTrue(check_password({}, 'unknown', '') is None)
# Valid user with correct password
self.assertTrue(check_password({}, 'test', 'test'))
# Valid user with incorrect password
self.assertFalse(check_password({}, 'test', 'incorrect'))
def test_check_password_custom_user(self):
"""
Verify that check_password returns the correct values as per
http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms#Apache_Authentication_Provider
with custom user installed
"""
CustomUser._default_manager.create_user('*****@*****.**', '1990-01-01', 'test')
# User not in database
self.assertTrue(check_password({}, 'unknown', '') is None)
# Valid user with correct password'
self.assertTrue(check_password({}, '*****@*****.**', 'test'))
# Valid user with incorrect password
self.assertFalse(check_password({}, '*****@*****.**', 'incorrect'))
def test_check_password(self):
"""
check_password() returns the correct values as per
https://modwsgi.readthedocs.io/en/develop/user-guides/access-control-mechanisms.html#apache-authentication-provider
"""
User.objects.create_user("test", "*****@*****.**", "test")
# User not in database
self.assertIsNone(check_password({}, "unknown", ""))
# Valid user with correct password
self.assertTrue(check_password({}, "test", "test"))
# correct password, but user is inactive
User.objects.filter(username="******").update(is_active=False)
self.assertFalse(check_password({}, "test", "test"))
# Valid user with incorrect password
self.assertFalse(check_password({}, "test", "incorrect"))
def test_check_password(self):
"""
Verify that check_password returns the correct values as per
http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms#Apache_Authentication_Provider
"""
User.objects.create_user('test', '*****@*****.**', 'test')
# User not in database
self.assertIsNone(check_password({}, 'unknown', ''))
# Valid user with correct password
self.assertTrue(check_password({}, 'test', 'test'))
# correct password, but user is inactive
User.objects.filter(username='******').update(is_active=False)
self.assertFalse(check_password({}, 'test', 'test'))
# Valid user with incorrect password
self.assertFalse(check_password({}, 'test', 'incorrect'))
def test_check_password(self):
"""
Verify that check_password returns the correct values as per
http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms#Apache_Authentication_Provider
"""
User.objects.create_user('test', '*****@*****.**', 'test')
# User not in database
self.assertTrue(check_password({}, 'unknown', '') is None)
# Valid user with correct password
self.assertTrue(check_password({}, 'test', 'test'))
# correct password, but user is inactive
User.objects.filter(username='******').update(is_active=False)
self.assertFalse(check_password({}, 'test', 'test'))
# Valid user with incorrect password
self.assertFalse(check_password({}, 'test', 'incorrect'))
def test_check_password(self):
"""
Verify that check_password returns the correct values as per
https://modwsgi.readthedocs.io/en/develop/user-guides/access-control-mechanisms.html#apache-authentication-provider
"""
User.objects.create_user('test', '*****@*****.**', 'test')
# User not in database
self.assertIsNone(check_password({}, 'unknown', ''))
# Valid user with correct password
self.assertTrue(check_password({}, 'test', 'test'))
# correct password, but user is inactive
User.objects.filter(username='******').update(is_active=False)
self.assertFalse(check_password({}, 'test', 'test'))
# Valid user with incorrect password
self.assertFalse(check_password({}, 'test', 'incorrect'))
def password(self, request, pk=None):
"""
修改密码
"""
user = request.user
old_password = request.data['old_password']
if check_password(old_password, user.password):
new_password1 = request.data['new_password1']
new_password2 = request.data['new_password2']
if new_password1 == new_password2:
user.set_password()
user.save()
return Response('密码修改成功!', status=status.HTTP_200_OK)
else:
return Response('新密码两次输入不一致!',
status=status.HTTP_400_BAD_REQUEST)
else:
return Response('旧密码错误!', status=status.HTTP_400_BAD_REQUEST)
def test_vbu_password():
jd = user = User.objects.create_user(username='******', email='*****@*****.**', password='******')
vbu = VBUserProfile.objects.create(user=jd, key_expires=key_expires)
# User not in database
assert check_password({}, 'unknown', '') == None
# Valid user with wrong password
assert vbu.user.check_password('incorrect') == False
# Valid user with correct password
assert vbu.user.check_password('toto') == True
# correct password, but user is inactive
jd.is_active = False
assert vbu.user.check_password({}) == False
# Valid user with incorrect password
assert vbu.user.check_password({}) == False
