Пример #1
0
    def test_backend_locked_username(self):
        # Authentication works
        backend = StrictModelBackend()
        user = backend.authenticate(username='******', password='******')
        self.assertEqual(user, self.user)

        # Lock user
        for x in xrange(0, dap_settings.FAILED_AUTH_USERNAME_MAX + 1):
            req = self.factory.get(reverse('login'))
            form = StrictAuthenticationForm(request=req, data={
                'username': '******', 'password': '******'})
            self.assertFalse(form.is_valid())

        # Authentication must no longer work for this user
        user = backend.authenticate(username='******', password='******')
        self.assertEqual(user, None)
Пример #2
0
    def test_backend_expired_user(self):
        # Authentication works
        backend = StrictModelBackend()
        user = backend.authenticate(username='******', password='******')
        self.assertEqual(user, self.user)
        self.assertTrue(user.is_active)

        # Simulate user didn't log in for a long time
        period = datetime.timedelta(days=dap_settings.INACTIVE_USERS_EXPIRY)
        expire_at = timezone.now() - period
        self.user.last_login = expire_at
        self.user.save()
        LoginAttempt.objects.all().update(timestamp=expire_at)

        # Authentication must still work for this user, but user is inactive
        user = backend.authenticate(username='******', password='******')
        self.assertEqual(user, self.user)
        self.assertFalse(user.is_active)
Пример #3
0
    def test_backend_expired_user(self):
        # Authentication works
        backend = StrictModelBackend()
        user = backend.authenticate(username='******', password='******')
        self.assertEqual(user, self.user)
        self.assertTrue(user.is_active)

        # Simulate user didn't log in for a long time
        period = datetime.timedelta(days=dap_settings.INACTIVE_USERS_EXPIRY)
        expire_at = timezone.now() - period
        self.user.last_login = expire_at
        self.user.save()
        LoginAttempt.objects.all().update(timestamp=expire_at)

        # Authentication must still work for this user, but user is inactive
        user = backend.authenticate(username='******', password='******')
        self.assertEqual(user, self.user)
        self.assertFalse(user.is_active)
Пример #4
0
    def test_backend_locked_username(self):
        # Authentication works
        backend = StrictModelBackend()
        user = backend.authenticate(username='******', password='******')
        self.assertEqual(user, self.user)

        # Lock user
        for x in xrange(0, dap_settings.FAILED_AUTH_USERNAME_MAX + 1):
            req = self.factory.get(reverse('login'))
            form = StrictAuthenticationForm(request=req,
                                            data={
                                                'username': '******',
                                                'password': '******'
                                            })
            self.assertFalse(form.is_valid())

        # Authentication must no longer work for this user
        user = backend.authenticate(username='******', password='******')
        self.assertEqual(user, None)