def test_reset_history_prevent_reuse(self):
    """
    With password expiration enabled, the reset form rejects a password
    the user has already used.
    """
    # Turn the company's expiration policy on before any password change.
    self.company.password_expiration = True
    self.company.save()

    # Set a baseline password, then empty the history relation and reload
    # the user so the rotations below start from a known state.
    self.user.set_password('oLd0000%%')
    self.user.save()
    self.user.userpasswordhistory_set = []
    self.user = User.objects.get(pk=self.user.pk)

    # Rotate twice. Presumably each rotation is recorded in the history
    # table while expiration is enabled -- confirm against the User model.
    for previous in ('oLd1111%%', 'oLd2222%%'):
        self.user.set_password(previous)
        self.user.save()

    # The candidate is the older of the two rotations, not the current
    # password, so the check must look past the current hash.
    reused = 'oLd1111%%'
    payload = {
        'new_password1': reused,
        'new_password2': reused,
    }
    reset_form = CustomSetPasswordForm(self.user, payload)

    self.assertFalse(reset_form.is_valid())
    first_error = reset_form.errors['new_password1'][0]
    # NOTE(review): assertRegexpMatches is the legacy alias of assertRegex
    # and no longer exists on Python 3.12+.
    self.assertRegexpMatches(first_error, r'different from the previous')
def test_reset_history(self):
    """
    With password expiration enabled, saving the reset form leaves exactly
    one entry in the user's password history.
    """
    self.company.password_expiration = True
    self.company.save()

    # Start from an emptied history so the final count is attributable to
    # the reset form alone.
    self.user.set_password('oLd0000%%')
    self.user.save()
    self.user.userpasswordhistory_set = []
    self.user = User.objects.get(pk=self.user.pk)

    fresh = 'oLd1111%%'
    payload = {
        'new_password1': fresh,
        'new_password2': fresh,
    }
    reset_form = CustomSetPasswordForm(self.user, payload)

    self.assertTrue(reset_form.is_valid())
    reset_form.save()

    history_size = self.user.userpasswordhistory_set.count()
    self.assertEqual(1, history_size)
def test_reset_history_allow_reuse(self):
    """
    The reset form allows users without password expiration to reuse an
    earlier password.
    """
    # This test never enables company.password_expiration; it assumes the
    # fixture leaves the policy off -- confirm in setUp.
    self.user = User.objects.get(pk=self.user.pk)

    for previous in ('oLd1111%%', 'oLd2222%%'):
        self.user.set_password(previous)
        self.user.save()

    # Same candidate as the prevent-reuse case: the older of the two
    # passwords set above.
    reused = 'oLd1111%%'
    payload = {
        'new_password1': reused,
        'new_password2': reused,
    }
    reset_form = CustomSetPasswordForm(self.user, payload)

    self.assertTrue(reset_form.is_valid())
def test_reset_lockout(self):
    """
    A successful reset zeroes the failed-login counter and installs the
    new password.
    """
    # This project's create_user returns a pair; only the user is needed.
    self.alice, _ = User.objects.create_user(
        email='*****@*****.**',
        password1='5UuYquA@',
    )

    # Simulate an account with a very large failed-login count.
    self.alice.failed_login_count = 99999
    self.alice.save()

    replacement = '82Ywe4$cc'
    payload = {
        'new_password1': replacement,
        'new_password2': replacement,
    }
    reset_form = CustomSetPasswordForm(self.alice, payload)

    self.assertTrue(reset_form.is_valid())
    reset_form.save()

    # NOTE(review): both checks read the in-memory instance handed to the
    # form; reloading from the database would also prove the cleared
    # counter was persisted.
    self.assertEqual(self.alice.failed_login_count, 0)
    self.assertTrue(self.alice.check_password(replacement))