def get_users_with_multiple_primary_email(self): user_pks = [] for email_address_dict in EmailAddress.objects.filter( primary=True).values('user').annotate( Count('user')).filter(user__count__gt=1): user_pks.append(email_address_dict['user']) return get_user_model().objects.filter(pk__in=user_pks)
def _logout_view(self, method): c = Client() user = get_user_model().objects.create(username='******', is_active=True) user.set_password('doe') user.save() c = Client() c.login(username='******', password='******') return c, getattr(c, method)(reverse('account_logout'))
def test_email_escaping(self): site = Site.objects.get_current() site.name = '<enc&"test>' site.save() u = get_user_model().objects.create(username='******', email='*****@*****.**') request = RequestFactory().get('/') EmailAddress.objects.add_email(request, u, u.email, confirm=True) self.assertTrue(mail.outbox[0].subject[1:].startswith(site.name))
def test_email_escaping(self): site = Site.objects.get_current() site.name = '<enc&"test>' site.save() u = get_user_model().objects.create( username='******', email='*****@*****.**') request = RequestFactory().get('/') EmailAddress.objects.add_email(request, u, u.email, confirm=True) self.assertTrue(mail.outbox[0].subject[1:].startswith(site.name))
def test_ajax_login_success(self): user = get_user_model().objects.create(username='******', is_active=True) user.set_password('doe') user.save() resp = self.client.post(reverse('account_login'), {'login': '******', 'password': '******'}, HTTP_X_REQUESTED_WITH='XMLHttpRequest') self.assertEqual(resp.status_code, 200) data = json.loads(resp.content.decode('utf8')) self.assertEqual(data['location'], '/accounts/profile/')
def test_email_verification_mandatory(self): c = Client() # Signup resp = c.post(reverse('account_signup'), {'username': '******', 'email': '*****@*****.**', 'password1': 'johndoe', 'password2': 'johndoe'}, follow=True) self.assertEqual(resp.status_code, 200) self.assertEqual(mail.outbox[0].to, ['*****@*****.**']) self.assertGreater(mail.outbox[0].body.find('https://'), 0) self.assertEqual(len(mail.outbox), 1) self.assertTemplateUsed(resp, 'account/verification_sent.html') # Attempt to login, unverified for attempt in [1, 2]: resp = c.post(reverse('account_login'), {'login': '******', 'password': '******'}, follow=True) # is_active is controlled by the admin to manually disable # users. I don't want this flag to flip automatically whenever # users verify their email adresses. self.assertTrue(get_user_model().objects.filter( username='******', is_active=True).exists()) self.assertTemplateUsed(resp, 'account/verification_sent.html') # Attempt 1: no mail is sent due to cool-down , # but there was already a mail in the outbox. self.assertEqual(len(mail.outbox), attempt) self.assertEqual( EmailConfirmation.objects.filter( email_address__email='*****@*****.**').count(), attempt) # Wait for cooldown EmailConfirmation.objects.update(sent=now() - timedelta(days=1)) # Verify, and re-attempt to login. confirmation = EmailConfirmation \ .objects \ .filter(email_address__user__username='******')[:1] \ .get() resp = c.get(reverse('account_confirm_email', args=[confirmation.key])) self.assertTemplateUsed(resp, 'account/email_confirm.html') c.post(reverse('account_confirm_email', args=[confirmation.key])) resp = c.post(reverse('account_login'), {'login': '******', 'password': '******'}) self.assertEqual(resp['location'], 'http://testserver'+settings.LOGIN_REDIRECT_URL)
def _request_new_password(self): user = get_user_model().objects.create( username='******', email='*****@*****.**', is_active=True) user.set_password('doe') user.save() self.client.post( reverse('account_reset_password'), data={'email': '*****@*****.**'}) self.assertEqual(len(mail.outbox), 1) self.assertEqual(mail.outbox[0].to, ['*****@*****.**']) return user
def _request_new_password(self): user = get_user_model().objects.create(username='******', email='*****@*****.**', is_active=True) user.set_password('doe') user.save() self.client.post(reverse('account_reset_password'), data={'email': '*****@*****.**'}) self.assertEqual(len(mail.outbox), 1) self.assertEqual(mail.outbox[0].to, ['*****@*****.**']) return user
def test_ajax_login_success(self): user = get_user_model().objects.create(username='******', is_active=True) user.set_password('doe') user.save() resp = self.client.post(reverse('account_login'), { 'login': '******', 'password': '******' }, HTTP_X_REQUESTED_WITH='XMLHttpRequest') self.assertEqual(resp.status_code, 200) data = json.loads(resp.content.decode('utf8')) self.assertEqual(data['location'], '/accounts/profile/')
def test_password_forgotten_url_protocol(self): user = self._request_new_password() body = mail.outbox[0].body self.assertGreater(body.find('https://'), 0) url = body[body.find('/password/reset/'):].split()[0] resp = self.client.get(url) self.assertTemplateUsed(resp, 'account/password_reset_from_key.html') self.client.post(url, {'password1': 'newpass123', 'password2': 'newpass123'}) user = get_user_model().objects.get(pk=user.pk) self.assertTrue(user.check_password('newpass123')) return resp
def test_username_containing_at(self): user = get_user_model().objects.create(username='******') user.set_password('psst') user.save() EmailAddress.objects.create(user=user, email='*****@*****.**', primary=True, verified=True) resp = self.client.post(reverse('account_login'), {'login': '******', 'password': '******'}) self.assertEqual(resp['location'], 'http://testserver'+settings.LOGIN_REDIRECT_URL)
def test_email_verification_mandatory(self): c = Client() # Signup resp = c.post(reverse('account_signup'), { 'username': '******', 'email': '*****@*****.**', 'password1': 'johndoe', 'password2': 'johndoe' }, follow=True) self.assertEqual(resp.status_code, 200) self.assertEqual(mail.outbox[0].to, ['*****@*****.**']) self.assertGreater(mail.outbox[0].body.find('https://'), 0) self.assertEqual(len(mail.outbox), 1) self.assertTemplateUsed(resp, 'account/verification_sent.html') # Attempt to login, unverified for attempt in [1, 2]: resp = c.post(reverse('account_login'), { 'login': '******', 'password': '******' }, follow=True) # is_active is controlled by the admin to manually disable # users. I don't want this flag to flip automatically whenever # users verify their email adresses. self.assertTrue(get_user_model().objects.filter( username='******', is_active=True).exists()) self.assertTemplateUsed(resp, 'account/verification_sent.html') # Attempt 1: no mail is sent due to cool-down , # but there was already a mail in the outbox. self.assertEqual(len(mail.outbox), attempt) self.assertEqual( EmailConfirmation.objects.filter( email_address__email='*****@*****.**').count(), attempt) # Wait for cooldown EmailConfirmation.objects.update(sent=now() - timedelta(days=1)) # Verify, and re-attempt to login. confirmation = EmailConfirmation \ .objects \ .filter(email_address__user__username='******')[:1] \ .get() resp = c.get(reverse('account_confirm_email', args=[confirmation.key])) self.assertTemplateUsed(resp, 'account/email_confirm.html') c.post(reverse('account_confirm_email', args=[confirmation.key])) resp = c.post(reverse('account_login'), { 'login': '******', 'password': '******' }) self.assertEqual(resp['location'], 'http://testserver' + settings.LOGIN_REDIRECT_URL)
def test_password_forgotten_url_protocol(self): user = self._request_new_password() body = mail.outbox[0].body self.assertGreater(body.find('https://'), 0) url = body[body.find('/password/reset/'):].split()[0] resp = self.client.get(url) self.assertTemplateUsed(resp, 'account/password_reset_from_key.html') self.client.post(url, { 'password1': 'newpass123', 'password2': 'newpass123' }) user = get_user_model().objects.get(pk=user.pk) self.assertTrue(user.check_password('newpass123')) return resp
def test_username_containing_at(self): user = get_user_model().objects.create(username='******') user.set_password('psst') user.save() EmailAddress.objects.create(user=user, email='*****@*****.**', primary=True, verified=True) resp = self.client.post(reverse('account_login'), { 'login': '******', 'password': '******' }) self.assertEqual(resp['location'], 'http://testserver' + settings.LOGIN_REDIRECT_URL)
def setUp(self): User = get_user_model() self.user = User.objects.create(username='******', email='*****@*****.**') self.user.set_password('doe') self.user.save() self.email_address = EmailAddress.objects.create(user=self.user, email=self.user.email, verified=True, primary=True) self.email_address2 = EmailAddress.objects.create( user=self.user, email='*****@*****.**', verified=False, primary=False) self.client.login(username='******', password='******')
def setUp(self): User = get_user_model() self.user = User.objects.create(username='******', email='*****@*****.**') self.user.set_password('doe') self.user.save() self.email_address = EmailAddress.objects.create( user=self.user, email=self.user.email, verified=True, primary=True) self.email_address2 = EmailAddress.objects.create( user=self.user, email='*****@*****.**', verified=False, primary=False) self.client.login(username='******', password='******')
def _test_signup_email_verified_externally(self, signup_email, verified_email): username = '******' request = RequestFactory().post(reverse('account_signup'), {'username': username, 'email': signup_email, 'password1': 'johndoe', 'password2': 'johndoe'}) # Fake stash_verified_email from django.contrib.messages.middleware import MessageMiddleware from django.contrib.sessions.middleware import SessionMiddleware SessionMiddleware().process_request(request) MessageMiddleware().process_request(request) request.user = AnonymousUser() request.session['account_verified_email'] = verified_email from .views import signup resp = signup(request) self.assertEqual(resp.status_code, 302) self.assertEqual(resp['location'], get_adapter().get_login_redirect_url(request)) self.assertEqual(len(mail.outbox), 0) return get_user_model().objects.get(username=username)
def _test_signup_email_verified_externally(self, signup_email, verified_email): username = '******' request = RequestFactory().post( reverse('account_signup'), { 'username': username, 'email': signup_email, 'password1': 'johndoe', 'password2': 'johndoe' }) # Fake stash_verified_email from django.contrib.messages.middleware import MessageMiddleware from django.contrib.sessions.middleware import SessionMiddleware SessionMiddleware().process_request(request) MessageMiddleware().process_request(request) request.user = AnonymousUser() request.session['account_verified_email'] = verified_email from .views import signup resp = signup(request) self.assertEqual(resp.status_code, 302) self.assertEqual(resp['location'], get_adapter().get_login_redirect_url(request)) self.assertEqual(len(mail.outbox), 0) return get_user_model().objects.get(username=username)
def _create_user_and_login(self): user = get_user_model().objects.create(username='******', is_active=True) user.set_password('doe') user.save() self.client.login(username='******', password='******') return user