def test_get_session_auth_hash_is_used_for_session_auth(): user = user_factory() client = amo.tests.TestClient() assert not client.session.items() assert client.login(email=user.email) assert client.session.items() request = RequestFactory().get('/') request.session = client.session assert get_user(request) == user user.update(auth_id=generate_auth_id()) assert get_user(request) != user