def test_backend_locked_username(self): # Authentication works backend = StrictModelBackend() user = backend.authenticate(username='******', password='******') self.assertEqual(user, self.user) # Lock user for x in xrange(0, dap_settings.FAILED_AUTH_USERNAME_MAX + 1): req = self.factory.get(reverse('login')) form = StrictAuthenticationForm(request=req, data={ 'username': '******', 'password': '******'}) self.assertFalse(form.is_valid()) # Authentication must no longer work for this user user = backend.authenticate(username='******', password='******') self.assertEqual(user, None)
def test_backend_expired_user(self): # Authentication works backend = StrictModelBackend() user = backend.authenticate(username='******', password='******') self.assertEqual(user, self.user) self.assertTrue(user.is_active) # Simulate user didn't log in for a long time period = datetime.timedelta(days=dap_settings.INACTIVE_USERS_EXPIRY) expire_at = timezone.now() - period self.user.last_login = expire_at self.user.save() LoginAttempt.objects.all().update(timestamp=expire_at) # Authentication must still work for this user, but user is inactive user = backend.authenticate(username='******', password='******') self.assertEqual(user, self.user) self.assertFalse(user.is_active)
def test_backend_locked_username(self): # Authentication works backend = StrictModelBackend() user = backend.authenticate(username='******', password='******') self.assertEqual(user, self.user) # Lock user for x in xrange(0, dap_settings.FAILED_AUTH_USERNAME_MAX + 1): req = self.factory.get(reverse('login')) form = StrictAuthenticationForm(request=req, data={ 'username': '******', 'password': '******' }) self.assertFalse(form.is_valid()) # Authentication must no longer work for this user user = backend.authenticate(username='******', password='******') self.assertEqual(user, None)