def test_password_recovery_with_token_in_url_login_user(self):
token = self.user.create_token(token_type=RESET_TOKEN)
ViewClass = PasswordResetView.as_view()
ViewClass(self.request,
token=token.value,
email=b64encode(self.user.email))
def test_password_recovery_with_invalid_token_in_url_do_nothing(self):
token = self.user.create_token(token_type=RESET_TOKEN)
ViewClass = PasswordResetView.as_view()
res = ViewClass(self.request, token='NOT%s' % token.value, email=b64encode(self.user.email))
assert_equals(res['Location'], reverse('password_recovery'))
def test_password_recovery_with_invalid_token_in_url_do_nothing(self):
token = self.user.create_token(token_type=RESET_TOKEN)
ViewClass = PasswordResetView.as_view()
res = ViewClass(self.request,
token='NOT%s' % token.value,
email=b64encode(self.user.email))
assert_equals(res['Location'], reverse('password_recovery'))
def test_password_reset_post_valid(self):
token = self.user.create_token(token_type=RESET_TOKEN)
new_pwd = 'newpwd'
data = {
'password': new_pwd,
'password2': new_pwd,
}
self.request.method = 'POST'
self.request.POST = data
ViewClass = csrf_exempt(PasswordResetView.as_view())
ViewClass(self.request, token=token.value, email=b64encode(self.user.email))
updated_user = Identity.objects.get(pk=self.user.pk)
assert_equals(updated_user.check_password(new_pwd), True)
assert_raises(LoginToken.DoesNotExist, lambda: LoginToken.objects.get(pk=token.pk))
def test_password_reset_post_valid(self):
token = self.user.create_token(token_type=RESET_TOKEN)
new_pwd = 'newpwd'
data = {
'password': new_pwd,
'password2': new_pwd,
}
self.request.method = 'POST'
self.request.POST = data
ViewClass = csrf_exempt(PasswordResetView.as_view())
ViewClass(self.request,
token=token.value,
email=b64encode(self.user.email))
updated_user = Identity.objects.get(pk=self.user.pk)
assert_equals(updated_user.check_password(new_pwd), True)
assert_raises(LoginToken.DoesNotExist,
lambda: LoginToken.objects.get(pk=token.pk))
def test_password_recovery_with_token_in_url_login_user(self):
token = self.user.create_token(token_type=RESET_TOKEN)
ViewClass = PasswordResetView.as_view()
ViewClass(self.request, token=token.value, email=b64encode(self.user.email))
url(r'^login/recovery/(?P<origin_site>\d+)/$', RecoveryLoginView.as_view(), name='login-recovery'),
url(r'^login/$', LoginView.as_view(), name='login'), # dummy url
url(r'^login/(?P<origin_site>\d+)/$', LoginView.as_view(), name='login'),
url(r'^login/(?P<origin_site>\d+)/(?P<next_url>\S+)/$', LoginView.as_view(), name='login'),
url(r'^logout/$', LogoutView.as_view(), name='logout'), # dummy url
url(r'^logout/(?P<origin_site>\d+)/$', LogoutView.as_view(), name='logout'),
url(r'^logout/(?P<origin_site>\d+)/(?P<next_url>\S+)/$', LogoutView.as_view(), name='logout'),
url(r'^register/$', CreateIdentityView.as_view(), name='register'), # dummy url
url(r'^register/(?P<origin_site>\d+)/$', CreateIdentityView.as_view(), name='register'),
url(r'^register/(?P<origin_site>\d+)/(?P<next_url>\S+)/$', CreateIdentityView.as_view(), name='create_identity'),
#each of these urls below should start w/ the same string
#there's middleware which controls inactive account if: url.startswith(reverse('verify_identity'))
url(r'^verify/$', IdentityVerifyView.as_view(), name='verify_identity'),
url(r'^verify/(?P<email>[A-Za-z0-9=]+)/(?P<token>\w+)/$', IdentityVerifyView.as_view(), name='verify_identity'),
url(r'^verify/resend/$', IdentityVerifyResend.as_view(), name='verify_resend'),
# ^ each of these urls above should start w/ the same string
url(r'^password-change/$', PasswordChangeView.as_view(), name='password_change'),
url(r'^password-recovery/$', PasswordRecoveryRequestView.as_view(), name='password_recovery'),
url(r'^password-recovery/finish/(?P<email>[A-Za-z0-9=]+)/(?P<token>\S+)/$', PasswordResetView.as_view(), name='recovery_finish'),
url(r'^password-recovery/finish/$', FinishRecoveryView.as_view(), name='recovery_finish'),
url(r'^$', LoginView.as_view(), name='homepage')
)
url(r'^register/(?P<origin_site>\d+)/$',
CreateIdentityView.as_view(),
name='register'),
url(r'^register/(?P<origin_site>\d+)/(?P<next_url>\S+)/$',
CreateIdentityView.as_view(),
name='create_identity'),
#each of these urls below should start w/ the same string
#there's middleware which controls inactive account if: url.startswith(reverse('verify_identity'))
url(r'^verify/$', IdentityVerifyView.as_view(), name='verify_identity'),
url(r'^verify/(?P<email>[A-Za-z0-9=]+)/(?P<token>\w+)/$',
IdentityVerifyView.as_view(),
name='verify_identity'),
url(r'^verify/resend/$',
IdentityVerifyResend.as_view(),
name='verify_resend'),
# ^ each of these urls above should start w/ the same string
url(r'^password-change/$',
PasswordChangeView.as_view(),
name='password_change'),
url(r'^password-recovery/$',
PasswordRecoveryRequestView.as_view(),
name='password_recovery'),
url(r'^password-recovery/finish/(?P<email>[A-Za-z0-9=]+)/(?P<token>\S+)/$',
PasswordResetView.as_view(),
name='recovery_finish'),
url(r'^password-recovery/finish/$',
FinishRecoveryView.as_view(),
name='recovery_finish'),
url(r'^$', LoginView.as_view(), name='homepage'))