def test_backend_locked_username(self):
# Authentication works
backend = StrictModelBackend()
user = backend.authenticate(username='******', password='******')
self.assertEqual(user, self.user)
# Lock user
for x in xrange(0, dap_settings.FAILED_AUTH_USERNAME_MAX + 1):
req = self.factory.get(reverse('login'))
form = StrictAuthenticationForm(request=req, data={
'username': '******', 'password': '******'})
self.assertFalse(form.is_valid())
# Authentication must no longer work for this user
user = backend.authenticate(username='******', password='******')
self.assertEqual(user, None)
def test_backend_expired_user(self):
# Authentication works
backend = StrictModelBackend()
user = backend.authenticate(username='******', password='******')
self.assertEqual(user, self.user)
self.assertTrue(user.is_active)
# Simulate user didn't log in for a long time
period = datetime.timedelta(days=dap_settings.INACTIVE_USERS_EXPIRY)
expire_at = timezone.now() - period
self.user.last_login = expire_at
self.user.save()
LoginAttempt.objects.all().update(timestamp=expire_at)
# Authentication must still work for this user, but user is inactive
user = backend.authenticate(username='******', password='******')
self.assertEqual(user, self.user)
self.assertFalse(user.is_active)
def test_backend_expired_user(self):
# Authentication works
backend = StrictModelBackend()
user = backend.authenticate(username='******', password='******')
self.assertEqual(user, self.user)
self.assertTrue(user.is_active)
# Simulate user didn't log in for a long time
period = datetime.timedelta(days=dap_settings.INACTIVE_USERS_EXPIRY)
expire_at = timezone.now() - period
self.user.last_login = expire_at
self.user.save()
LoginAttempt.objects.all().update(timestamp=expire_at)
# Authentication must still work for this user, but user is inactive
user = backend.authenticate(username='******', password='******')
self.assertEqual(user, self.user)
self.assertFalse(user.is_active)
def test_backend_locked_username(self):
# Authentication works
backend = StrictModelBackend()
user = backend.authenticate(username='******', password='******')
self.assertEqual(user, self.user)
# Lock user
for x in xrange(0, dap_settings.FAILED_AUTH_USERNAME_MAX + 1):
req = self.factory.get(reverse('login'))
form = StrictAuthenticationForm(request=req,
data={
'username': '******',
'password': '******'
})
self.assertFalse(form.is_valid())
# Authentication must no longer work for this user
user = backend.authenticate(username='******', password='******')
self.assertEqual(user, None)
