def test_reset_password_good_token_microsite(self, reset_confirm): """Tests password reset confirmation page for micro site""" good_reset_req = self.request_factory.get('/password_reset_confirm/{0}-{1}/'.format(self.uidb36, self.token)) password_reset_confirm_wrapper(good_reset_req, self.uidb36, self.token) confirm_kwargs = reset_confirm.call_args[1] self.assertEquals(confirm_kwargs['extra_context']['platform_name'], 'Fake University')
def test_reset_password_good_token(self): """Tests good token and uidb36 in password reset""" url = reverse("password_reset_confirm", kwargs={"uidb36": self.uidb36, "token": self.token}) good_reset_req = self.request_factory.get(url) password_reset_confirm_wrapper(good_reset_req, self.uidb36, self.token) self.user = User.objects.get(pk=self.user.pk) self.assertTrue(self.user.is_active)
def test_reset_password_good_token_configuration_override(self, reset_confirm): """Tests password reset confirmation page for site configuration override.""" url = reverse("password_reset_confirm", kwargs={"uidb36": self.uidb36, "token": self.token}) good_reset_req = self.request_factory.get(url) password_reset_confirm_wrapper(good_reset_req, self.uidb36, self.token) confirm_kwargs = reset_confirm.call_args[1] self.assertEquals(confirm_kwargs["extra_context"]["platform_name"], "Fake University") self.user = User.objects.get(pk=self.user.pk) self.assertTrue(self.user.is_active)
def test_reset_password_bad_token(self, reset_confirm): """Tests bad token and uidb36 in password reset""" bad_reset_req = self.request_factory.get("/password_reset_confirm/NO-OP/") password_reset_confirm_wrapper(bad_reset_req, "NO", "OP") (confirm_args, confirm_kwargs) = reset_confirm.call_args self.assertEquals(confirm_kwargs["uidb36"], "NO") self.assertEquals(confirm_kwargs["token"], "OP") self.user = User.objects.get(pk=self.user.pk) self.assertFalse(self.user.is_active)
def test_reset_password_bad_token(self, reset_confirm): """Tests bad token and uidb36 in password reset""" bad_reset_req = self.request_factory.get('/password_reset_confirm/NO-OP/') password_reset_confirm_wrapper(bad_reset_req, 'NO', 'OP') (confirm_args, confirm_kwargs) = reset_confirm.call_args self.assertEquals(confirm_kwargs['uidb36'], 'NO') self.assertEquals(confirm_kwargs['token'], 'OP') self.user = User.objects.get(pk=self.user.pk) self.assertFalse(self.user.is_active)
def test_reset_password_good_token(self, reset_confirm): """Tests good token and uidb36 in password reset""" good_reset_req = self.request_factory.get('/password_reset_confirm/{0}-{1}/'.format(self.uidb36, self.token)) password_reset_confirm_wrapper(good_reset_req, self.uidb36, self.token) (confirm_args, confirm_kwargs) = reset_confirm.call_args self.assertEquals(confirm_kwargs['uidb36'], self.uidb36) self.assertEquals(confirm_kwargs['token'], self.token) self.user = User.objects.get(pk=self.user.pk) self.assertTrue(self.user.is_active)
def test_reset_password_bad_token(self, reset_confirm): """Tests bad token and uidb36 in password reset""" bad_reset_req = self.request_factory.get( '/password_reset_confirm/NO-OP/') password_reset_confirm_wrapper(bad_reset_req, 'NO', 'OP') (confirm_args, confirm_kwargs) = reset_confirm.call_args self.assertEquals(confirm_kwargs['uidb36'], 'NO') self.assertEquals(confirm_kwargs['token'], 'OP') self.user = User.objects.get(pk=self.user.pk) self.assertFalse(self.user.is_active)
def test_reset_password_good_token(self, reset_confirm): """Tests good token and uidb36 in password reset""" good_reset_req = self.request_factory.get( '/password_reset_confirm/{0}-{1}/'.format(self.uidb36, self.token)) password_reset_confirm_wrapper(good_reset_req, self.uidb36, self.token) (confirm_args, confirm_kwargs) = reset_confirm.call_args self.assertEquals(confirm_kwargs['uidb36'], self.uidb36) self.assertEquals(confirm_kwargs['token'], self.token) self.user = User.objects.get(pk=self.user.pk) self.assertTrue(self.user.is_active)
def test_reset_password_good_token(self): """Tests good token and uidb36 in password reset""" url = reverse("password_reset_confirm", kwargs={ "uidb36": self.uidb36, "token": self.token }) good_reset_req = self.request_factory.get(url) password_reset_confirm_wrapper(good_reset_req, self.uidb36, self.token) self.user = User.objects.get(pk=self.user.pk) self.assertTrue(self.user.is_active)
def test_reset_password_good_token_microsite(self, reset_confirm): """Tests password reset confirmation page for micro site""" url = reverse( "password_reset_confirm", kwargs={"uidb36": self.uidb36, "token": self.token} ) good_reset_req = self.request_factory.get(url) password_reset_confirm_wrapper(good_reset_req, self.uidb36, self.token) confirm_kwargs = reset_confirm.call_args[1] self.assertEquals(confirm_kwargs['extra_context']['platform_name'], 'Fake University') self.user = User.objects.get(pk=self.user.pk) self.assertTrue(self.user.is_active)
def test_reset_password_good_token_configuration_override(self, reset_confirm): """Tests password reset confirmation page for site configuration override.""" url = reverse( "password_reset_confirm", kwargs={"uidb36": self.uidb36, "token": self.token} ) good_reset_req = self.request_factory.get(url) password_reset_confirm_wrapper(good_reset_req, self.uidb36, self.token) confirm_kwargs = reset_confirm.call_args[1] self.assertEquals(confirm_kwargs['extra_context']['platform_name'], 'Fake University') self.user = User.objects.get(pk=self.user.pk) self.assertTrue(self.user.is_active)
def test_reset_password_bad_token(self, uidb36, token): """Tests bad token and uidb36 in password reset""" if uidb36 is None: uidb36 = self.uidb36 if token is None: token = self.token bad_request = self.request_factory.get( reverse("password_reset_confirm", kwargs={"uidb36": uidb36, "token": token}) ) password_reset_confirm_wrapper(bad_request, uidb36, token) self.user = User.objects.get(pk=self.user.pk) self.assertFalse(self.user.is_active)
def test_password_reset_normalize_password(self): # pylint: disable=anomalous-unicode-escape-in-string """ Tests that if we provide a not properly normalized password, it is saved using our normalization method of NFKC. In this test, the input password is u'p\u212bssword'. It should be normalized to u'p\xc5ssword' """ url = reverse("password_reset_confirm", kwargs={ "uidb36": self.uidb36, "token": self.token }) password = u'p\u212bssword' request_params = {'new_password1': password, 'new_password2': password} confirm_request = self.request_factory.post(url, data=request_params) confirm_request.user = self.user __ = password_reset_confirm_wrapper(confirm_request, self.uidb36, self.token) user = User.objects.get(pk=self.user.pk) salt_val = user.password.split('$')[1] expected_user_password = make_password( unicodedata.normalize('NFKC', u'p\u212bssword'), salt_val) self.assertEqual(expected_user_password, user.password)
def test_password_reset_fail(self): """ Tests that if we provide mismatched passwords, user is not marked as active. """ self.assertFalse(self.user.is_active) url = reverse('password_reset_confirm', kwargs={ 'uidb36': self.uidb36, 'token': self.token }) request_params = { 'new_password1': 'password1', 'new_password2': 'password2' } confirm_request = self.request_factory.post(url, data=request_params) confirm_request.user = self.user # Make a password reset request with mismatching passwords. resp = password_reset_confirm_wrapper(confirm_request, self.uidb36, self.token) # Verify the response status code is: 200 with password reset fail and also verify that # the user is not marked as active. self.assertEqual(resp.status_code, 200) self.assertFalse(User.objects.get(pk=self.user.pk).is_active)
def test_reset_password_bad_token(self, uidb36, token): """Tests bad token and uidb36 in password reset""" if uidb36 is None: uidb36 = self.uidb36 if token is None: token = self.token bad_request = self.request_factory.get( reverse("password_reset_confirm", kwargs={ "uidb36": uidb36, "token": token })) password_reset_confirm_wrapper(bad_request, uidb36, token) self.user = User.objects.get(pk=self.user.pk) self.assertFalse(self.user.is_active)
def test_password_reset_prevent_auth_user_writes(self): with waffle().override(PREVENT_AUTH_USER_WRITES, True): url = reverse( "password_reset_confirm", kwargs={"uidb36": self.uidb36, "token": self.token} ) for request in [self.request_factory.get(url), self.request_factory.post(url)]: response = password_reset_confirm_wrapper(request, self.uidb36, self.token) assert response.context_data['err_msg'] == SYSTEM_MAINTENANCE_MSG self.user.refresh_from_db() assert not self.user.is_active
def test_password_reset_with_invalid_length(self, password_dict): """Tests that if we provide password characters less then PASSWORD_MIN_LENGTH, or more than PASSWORD_MAX_LENGTH, password reset will fail with error message. """ url = reverse( 'password_reset_confirm', kwargs={'uidb36': self.uidb36, 'token': self.token} ) request_params = {'new_password1': password_dict['password'], 'new_password2': password_dict['password']} confirm_request = self.request_factory.post(url, data=request_params) # Make a password reset request with minimum/maximum passwords characters. response = password_reset_confirm_wrapper(confirm_request, self.uidb36, self.token) self.assertEqual(response.context_data['err_msg'], password_dict['error_message'])
def test_password_reset_fail(self): """Tests that if we provide mismatched passwords, user is not marked as active.""" self.assertFalse(self.user.is_active) url = reverse( 'password_reset_confirm', kwargs={'uidb36': self.uidb36, 'token': self.token} ) request_params = {'new_password1': 'password1', 'new_password2': 'password2'} confirm_request = self.request_factory.post(url, data=request_params) # Make a password reset request with mismatching passwords. resp = password_reset_confirm_wrapper(confirm_request, self.uidb36, self.token) # Verify the response status code is: 200 with password reset fail and also verify that # the user is not marked as active. self.assertEqual(resp.status_code, 200) self.assertFalse(User.objects.get(pk=self.user.pk).is_active)
def test_password_reset_retired_user_fail(self): """ Tests that if a retired user attempts to reset their password, it fails. """ self.assertFalse(self.user.is_active) # Retire the user. UserRetirementRequest.create_retirement_request(self.user) url = reverse( 'password_reset_confirm', kwargs={'uidb36': self.uidb36, 'token': self.token} ) reset_req = self.request_factory.get(url) resp = password_reset_confirm_wrapper(reset_req, self.uidb36, self.token) # Verify the response status code is: 200 with password reset fail and also verify that # the user is not marked as active. self.assertEqual(resp.status_code, 200) self.assertFalse(User.objects.get(pk=self.user.pk).is_active)
def test_password_reset_normalize_password(self): """ Tests that if we provide a not properly normalized password, it is saved using our normalization method of NFKC. In this test, the input password is u'p\u212bssword'. It should be normalized to u'p\xc5ssword' """ url = reverse( "password_reset_confirm", kwargs={"uidb36": self.uidb36, "token": self.token} ) password = u'p\u212bssword' request_params = {'new_password1': password, 'new_password2': password} confirm_request = self.request_factory.post(url, data=request_params) response = password_reset_confirm_wrapper(confirm_request, self.uidb36, self.token) user = User.objects.get(pk=self.user.pk) salt_val = user.password.split('$')[1] expected_user_password = make_password(unicodedata.normalize('NFKC', u'p\u212bssword'), salt_val) self.assertEqual(expected_user_password, user.password)
def test_password_reset_normalize_password(self): """ Tests that if we provide a not properly normalized password, it is saved using our normalization method of NFKC. In this test, the input password is u'p\u212bssword'. It should be normalized to u'p\xc5ssword' """ with PASSWORD_UNICODE_NORMALIZE_FLAG.override(active=True): url = reverse( "password_reset_confirm", kwargs={"uidb36": self.uidb36, "token": self.token} ) password = u'p\u212bssword' request_params = {'new_password1': password, 'new_password2': password} confirm_request = self.request_factory.post(url, data=request_params) response = password_reset_confirm_wrapper(confirm_request, self.uidb36, self.token) user = User.objects.get(pk=self.user.pk) salt_val = user.password.split('$')[1] expected_user_password = make_password(unicodedata.normalize('NFKC', u'p\u212bssword'), salt_val) self.assertEqual(expected_user_password, user.password)