def test_reset_password_good_token_microsite(self, reset_confirm):
        """Tests password reset confirmation page for micro site"""

        good_reset_req = self.request_factory.get('/password_reset_confirm/{0}-{1}/'.format(self.uidb36, self.token))
        password_reset_confirm_wrapper(good_reset_req, self.uidb36, self.token)
        confirm_kwargs = reset_confirm.call_args[1]
        self.assertEquals(confirm_kwargs['extra_context']['platform_name'], 'Fake University')
 def test_reset_password_good_token(self):
     """Tests good token and uidb36 in password reset"""
     url = reverse("password_reset_confirm", kwargs={"uidb36": self.uidb36, "token": self.token})
     good_reset_req = self.request_factory.get(url)
     password_reset_confirm_wrapper(good_reset_req, self.uidb36, self.token)
     self.user = User.objects.get(pk=self.user.pk)
     self.assertTrue(self.user.is_active)
 def test_reset_password_good_token_configuration_override(self, reset_confirm):
     """Tests password reset confirmation page for site configuration override."""
     url = reverse("password_reset_confirm", kwargs={"uidb36": self.uidb36, "token": self.token})
     good_reset_req = self.request_factory.get(url)
     password_reset_confirm_wrapper(good_reset_req, self.uidb36, self.token)
     confirm_kwargs = reset_confirm.call_args[1]
     self.assertEquals(confirm_kwargs["extra_context"]["platform_name"], "Fake University")
     self.user = User.objects.get(pk=self.user.pk)
     self.assertTrue(self.user.is_active)
Esempio n. 4
0
    def test_reset_password_bad_token(self, reset_confirm):
        """Tests bad token and uidb36 in password reset"""

        bad_reset_req = self.request_factory.get("/password_reset_confirm/NO-OP/")
        password_reset_confirm_wrapper(bad_reset_req, "NO", "OP")
        (confirm_args, confirm_kwargs) = reset_confirm.call_args
        self.assertEquals(confirm_kwargs["uidb36"], "NO")
        self.assertEquals(confirm_kwargs["token"], "OP")
        self.user = User.objects.get(pk=self.user.pk)
        self.assertFalse(self.user.is_active)
Esempio n. 5
0
    def test_reset_password_bad_token(self, reset_confirm):
        """Tests bad token and uidb36 in password reset"""

        bad_reset_req = self.request_factory.get('/password_reset_confirm/NO-OP/')
        password_reset_confirm_wrapper(bad_reset_req, 'NO', 'OP')
        (confirm_args, confirm_kwargs) = reset_confirm.call_args
        self.assertEquals(confirm_kwargs['uidb36'], 'NO')
        self.assertEquals(confirm_kwargs['token'], 'OP')
        self.user = User.objects.get(pk=self.user.pk)
        self.assertFalse(self.user.is_active)
Esempio n. 6
0
    def test_reset_password_good_token(self, reset_confirm):
        """Tests good token and uidb36 in password reset"""

        good_reset_req = self.request_factory.get('/password_reset_confirm/{0}-{1}/'.format(self.uidb36, self.token))
        password_reset_confirm_wrapper(good_reset_req, self.uidb36, self.token)
        (confirm_args, confirm_kwargs) = reset_confirm.call_args
        self.assertEquals(confirm_kwargs['uidb36'], self.uidb36)
        self.assertEquals(confirm_kwargs['token'], self.token)
        self.user = User.objects.get(pk=self.user.pk)
        self.assertTrue(self.user.is_active)
Esempio n. 7
0
    def test_reset_password_bad_token(self, reset_confirm):
        """Tests bad token and uidb36 in password reset"""

        bad_reset_req = self.request_factory.get(
            '/password_reset_confirm/NO-OP/')
        password_reset_confirm_wrapper(bad_reset_req, 'NO', 'OP')
        (confirm_args, confirm_kwargs) = reset_confirm.call_args
        self.assertEquals(confirm_kwargs['uidb36'], 'NO')
        self.assertEquals(confirm_kwargs['token'], 'OP')
        self.user = User.objects.get(pk=self.user.pk)
        self.assertFalse(self.user.is_active)
Esempio n. 8
0
    def test_reset_password_good_token(self, reset_confirm):
        """Tests good token and uidb36 in password reset"""

        good_reset_req = self.request_factory.get(
            '/password_reset_confirm/{0}-{1}/'.format(self.uidb36, self.token))
        password_reset_confirm_wrapper(good_reset_req, self.uidb36, self.token)
        (confirm_args, confirm_kwargs) = reset_confirm.call_args
        self.assertEquals(confirm_kwargs['uidb36'], self.uidb36)
        self.assertEquals(confirm_kwargs['token'], self.token)
        self.user = User.objects.get(pk=self.user.pk)
        self.assertTrue(self.user.is_active)
 def test_reset_password_good_token(self):
     """Tests good token and uidb36 in password reset"""
     url = reverse("password_reset_confirm",
                   kwargs={
                       "uidb36": self.uidb36,
                       "token": self.token
                   })
     good_reset_req = self.request_factory.get(url)
     password_reset_confirm_wrapper(good_reset_req, self.uidb36, self.token)
     self.user = User.objects.get(pk=self.user.pk)
     self.assertTrue(self.user.is_active)
 def test_reset_password_good_token_microsite(self, reset_confirm):
     """Tests password reset confirmation page for micro site"""
     url = reverse(
         "password_reset_confirm",
         kwargs={"uidb36": self.uidb36, "token": self.token}
     )
     good_reset_req = self.request_factory.get(url)
     password_reset_confirm_wrapper(good_reset_req, self.uidb36, self.token)
     confirm_kwargs = reset_confirm.call_args[1]
     self.assertEquals(confirm_kwargs['extra_context']['platform_name'], 'Fake University')
     self.user = User.objects.get(pk=self.user.pk)
     self.assertTrue(self.user.is_active)
 def test_reset_password_good_token_configuration_override(self, reset_confirm):
     """Tests password reset confirmation page for site configuration override."""
     url = reverse(
         "password_reset_confirm",
         kwargs={"uidb36": self.uidb36, "token": self.token}
     )
     good_reset_req = self.request_factory.get(url)
     password_reset_confirm_wrapper(good_reset_req, self.uidb36, self.token)
     confirm_kwargs = reset_confirm.call_args[1]
     self.assertEquals(confirm_kwargs['extra_context']['platform_name'], 'Fake University')
     self.user = User.objects.get(pk=self.user.pk)
     self.assertTrue(self.user.is_active)
    def test_reset_password_bad_token(self, uidb36, token):
        """Tests bad token and uidb36 in password reset"""
        if uidb36 is None:
            uidb36 = self.uidb36
        if token is None:
            token = self.token

        bad_request = self.request_factory.get(
            reverse("password_reset_confirm", kwargs={"uidb36": uidb36, "token": token})
        )
        password_reset_confirm_wrapper(bad_request, uidb36, token)
        self.user = User.objects.get(pk=self.user.pk)
        self.assertFalse(self.user.is_active)
    def test_password_reset_normalize_password(self):
        # pylint: disable=anomalous-unicode-escape-in-string
        """
        Tests that if we provide a not properly normalized password, it is saved using our normalization
        method of NFKC.
        In this test, the input password is u'p\u212bssword'. It should be normalized to u'p\xc5ssword'
        """
        url = reverse("password_reset_confirm",
                      kwargs={
                          "uidb36": self.uidb36,
                          "token": self.token
                      })

        password = u'p\u212bssword'
        request_params = {'new_password1': password, 'new_password2': password}
        confirm_request = self.request_factory.post(url, data=request_params)
        confirm_request.user = self.user
        __ = password_reset_confirm_wrapper(confirm_request, self.uidb36,
                                            self.token)

        user = User.objects.get(pk=self.user.pk)
        salt_val = user.password.split('$')[1]
        expected_user_password = make_password(
            unicodedata.normalize('NFKC', u'p\u212bssword'), salt_val)
        self.assertEqual(expected_user_password, user.password)
    def test_password_reset_fail(self):
        """
        Tests that if we provide mismatched passwords, user is not marked as active.
        """
        self.assertFalse(self.user.is_active)

        url = reverse('password_reset_confirm',
                      kwargs={
                          'uidb36': self.uidb36,
                          'token': self.token
                      })
        request_params = {
            'new_password1': 'password1',
            'new_password2': 'password2'
        }
        confirm_request = self.request_factory.post(url, data=request_params)
        confirm_request.user = self.user

        # Make a password reset request with mismatching passwords.
        resp = password_reset_confirm_wrapper(confirm_request, self.uidb36,
                                              self.token)

        # Verify the response status code is: 200 with password reset fail and also verify that
        # the user is not marked as active.
        self.assertEqual(resp.status_code, 200)
        self.assertFalse(User.objects.get(pk=self.user.pk).is_active)
Esempio n. 15
0
    def test_reset_password_bad_token(self, uidb36, token):
        """Tests bad token and uidb36 in password reset"""
        if uidb36 is None:
            uidb36 = self.uidb36
        if token is None:
            token = self.token

        bad_request = self.request_factory.get(
            reverse("password_reset_confirm",
                    kwargs={
                        "uidb36": uidb36,
                        "token": token
                    }))
        password_reset_confirm_wrapper(bad_request, uidb36, token)
        self.user = User.objects.get(pk=self.user.pk)
        self.assertFalse(self.user.is_active)
Esempio n. 16
0
 def test_password_reset_prevent_auth_user_writes(self):
     with waffle().override(PREVENT_AUTH_USER_WRITES, True):
         url = reverse(
             "password_reset_confirm",
             kwargs={"uidb36": self.uidb36, "token": self.token}
         )
         for request in [self.request_factory.get(url), self.request_factory.post(url)]:
             response = password_reset_confirm_wrapper(request, self.uidb36, self.token)
             assert response.context_data['err_msg'] == SYSTEM_MAINTENANCE_MSG
             self.user.refresh_from_db()
             assert not self.user.is_active
Esempio n. 17
0
 def test_password_reset_prevent_auth_user_writes(self):
     with waffle().override(PREVENT_AUTH_USER_WRITES, True):
         url = reverse(
             "password_reset_confirm",
             kwargs={"uidb36": self.uidb36, "token": self.token}
         )
         for request in [self.request_factory.get(url), self.request_factory.post(url)]:
             response = password_reset_confirm_wrapper(request, self.uidb36, self.token)
             assert response.context_data['err_msg'] == SYSTEM_MAINTENANCE_MSG
             self.user.refresh_from_db()
             assert not self.user.is_active
Esempio n. 18
0
    def test_password_reset_with_invalid_length(self, password_dict):
        """Tests that if we provide password characters less then PASSWORD_MIN_LENGTH,
        or more than PASSWORD_MAX_LENGTH, password reset will fail with error message.
        """

        url = reverse(
            'password_reset_confirm',
            kwargs={'uidb36': self.uidb36, 'token': self.token}
        )
        request_params = {'new_password1': password_dict['password'], 'new_password2': password_dict['password']}
        confirm_request = self.request_factory.post(url, data=request_params)

        # Make a password reset request with minimum/maximum passwords characters.
        response = password_reset_confirm_wrapper(confirm_request, self.uidb36, self.token)

        self.assertEqual(response.context_data['err_msg'], password_dict['error_message'])
    def test_password_reset_with_invalid_length(self, password_dict):
        """Tests that if we provide password characters less then PASSWORD_MIN_LENGTH,
        or more than PASSWORD_MAX_LENGTH, password reset will fail with error message.
        """

        url = reverse(
            'password_reset_confirm',
            kwargs={'uidb36': self.uidb36, 'token': self.token}
        )
        request_params = {'new_password1': password_dict['password'], 'new_password2': password_dict['password']}
        confirm_request = self.request_factory.post(url, data=request_params)

        # Make a password reset request with minimum/maximum passwords characters.
        response = password_reset_confirm_wrapper(confirm_request, self.uidb36, self.token)

        self.assertEqual(response.context_data['err_msg'], password_dict['error_message'])
Esempio n. 20
0
    def test_password_reset_fail(self):
        """Tests that if we provide mismatched passwords, user is not marked as active."""
        self.assertFalse(self.user.is_active)

        url = reverse(
            'password_reset_confirm',
            kwargs={'uidb36': self.uidb36, 'token': self.token}
        )
        request_params = {'new_password1': 'password1', 'new_password2': 'password2'}
        confirm_request = self.request_factory.post(url, data=request_params)

        # Make a password reset request with mismatching passwords.
        resp = password_reset_confirm_wrapper(confirm_request, self.uidb36, self.token)

        # Verify the response status code is: 200 with password reset fail and also verify that
        # the user is not marked as active.
        self.assertEqual(resp.status_code, 200)
        self.assertFalse(User.objects.get(pk=self.user.pk).is_active)
    def test_password_reset_retired_user_fail(self):
        """
        Tests that if a retired user attempts to reset their password, it fails.
        """
        self.assertFalse(self.user.is_active)

        # Retire the user.
        UserRetirementRequest.create_retirement_request(self.user)

        url = reverse(
            'password_reset_confirm',
            kwargs={'uidb36': self.uidb36, 'token': self.token}
        )
        reset_req = self.request_factory.get(url)
        resp = password_reset_confirm_wrapper(reset_req, self.uidb36, self.token)

        # Verify the response status code is: 200 with password reset fail and also verify that
        # the user is not marked as active.
        self.assertEqual(resp.status_code, 200)
        self.assertFalse(User.objects.get(pk=self.user.pk).is_active)
Esempio n. 22
0
    def test_password_reset_retired_user_fail(self):
        """
        Tests that if a retired user attempts to reset their password, it fails.
        """
        self.assertFalse(self.user.is_active)

        # Retire the user.
        UserRetirementRequest.create_retirement_request(self.user)

        url = reverse(
            'password_reset_confirm',
            kwargs={'uidb36': self.uidb36, 'token': self.token}
        )
        reset_req = self.request_factory.get(url)
        resp = password_reset_confirm_wrapper(reset_req, self.uidb36, self.token)

        # Verify the response status code is: 200 with password reset fail and also verify that
        # the user is not marked as active.
        self.assertEqual(resp.status_code, 200)
        self.assertFalse(User.objects.get(pk=self.user.pk).is_active)
    def test_password_reset_normalize_password(self):
        """
        Tests that if we provide a not properly normalized password, it is saved using our normalization
        method of NFKC.
        In this test, the input password is u'p\u212bssword'. It should be normalized to u'p\xc5ssword'
        """
        url = reverse(
            "password_reset_confirm",
            kwargs={"uidb36": self.uidb36, "token": self.token}
        )

        password = u'p\u212bssword'
        request_params = {'new_password1': password, 'new_password2': password}
        confirm_request = self.request_factory.post(url, data=request_params)
        response = password_reset_confirm_wrapper(confirm_request, self.uidb36, self.token)

        user = User.objects.get(pk=self.user.pk)
        salt_val = user.password.split('$')[1]
        expected_user_password = make_password(unicodedata.normalize('NFKC', u'p\u212bssword'), salt_val)
        self.assertEqual(expected_user_password, user.password)
    def test_password_reset_normalize_password(self):
        """
        Tests that if we provide a not properly normalized password, it is saved using our normalization
        method of NFKC.
        In this test, the input password is u'p\u212bssword'. It should be normalized to u'p\xc5ssword'
        """
        with PASSWORD_UNICODE_NORMALIZE_FLAG.override(active=True):
            url = reverse(
                "password_reset_confirm",
                kwargs={"uidb36": self.uidb36, "token": self.token}
            )

            password = u'p\u212bssword'
            request_params = {'new_password1': password, 'new_password2': password}
            confirm_request = self.request_factory.post(url, data=request_params)
            response = password_reset_confirm_wrapper(confirm_request, self.uidb36, self.token)

            user = User.objects.get(pk=self.user.pk)
            salt_val = user.password.split('$')[1]
            expected_user_password = make_password(unicodedata.normalize('NFKC', u'p\u212bssword'), salt_val)
            self.assertEqual(expected_user_password, user.password)