def prepare_request(self, user, session=False):
signer = RegisterSigner({'user_id': user.pk})
data = signer.get_signed_data()
request = self.create_post_request(data)
if session:
self.add_session_to_request(request)
return request
def prepare_request(self, user, session=False, data_to_sign=None):
if data_to_sign is None:
data_to_sign = {'user_id': user.pk}
signer = RegisterSigner(data_to_sign)
data = signer.get_signed_data()
request = self.create_post_request(data)
if session:
self.add_session_to_request(request)
return request
def test_verify_disabled(self):
user = self.create_test_user(is_active=False)
self.assertFalse(user.is_active)
signer = RegisterSigner({'user_id': user.pk})
data = signer.get_signed_data()
request = self.create_post_request(data)
response = self.view_func(request)
self.assert_invalid_response(response, status.HTTP_404_NOT_FOUND)
user.refresh_from_db()
self.assertFalse(user.is_active)
def test_ok(self):
user = self.create_test_user(is_active=False)
self.assertFalse(user.is_active)
signer = RegisterSigner({'user_id': user.pk})
data = signer.get_signed_data()
response = self.client.get(self.view_url, data=data)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.url, SUCCESS_URL)
user.refresh_from_db()
self.assertTrue(user.is_active)
def create_verify_and_user(self, session=False):
user = self.create_test_user(is_active=False)
self.assertFalse(user.is_active)
signer = RegisterSigner({'user_id': user.pk})
data = signer.get_signed_data()
request = self.create_post_request(data)
if session:
self.add_session_to_request(request)
response = self.view_func(request)
return user, response
def test_verify_ok(self):
user = self.create_test_user(is_active=False)
self.assertFalse(user.is_active)
signer = RegisterSigner({'user_id': user.pk})
data = signer.get_signed_data()
request = self.factory.post('', data)
response = verify_registration(request)
self.assert_valid_response(response, status.HTTP_200_OK)
user.refresh_from_db()
self.assertTrue(user.is_active)
def test_verify_tampered_timestamp(self):
user = self.create_test_user(is_active=False)
self.assertFalse(user.is_active)
signer = RegisterSigner({'user_id': user.pk})
data = signer.get_signed_data()
data['timestamp'] += 1
request = self.create_post_request(data)
response = self.view_func(request)
self.assert_invalid_response(response, status.HTTP_400_BAD_REQUEST)
user.refresh_from_db()
self.assertFalse(user.is_active)
def test_tampered_signature(self):
user = self.create_test_user(is_active=False)
self.assertFalse(user.is_active)
signer = RegisterSigner({'user_id': user.pk})
data = signer.get_signed_data()
data['signature'] += 'blah'
response = self.client.get(self.view_url, data=data)
self.assertEqual(response.status_code, 302)
self.assertEqual(response.url, FAILURE_URL)
user.refresh_from_db()
self.assertFalse(user.is_active)
def test_verify_expired(self):
timestamp = int(time.time())
user = self.create_test_user(is_active=False)
self.assertFalse(user.is_active)
with patch('time.time', side_effect=lambda: timestamp):
signer = RegisterSigner({'user_id': user.pk})
data = signer.get_signed_data()
request = self.create_post_request(data)
with patch('time.time', side_effect=lambda: timestamp + 3600 * 24 * 8):
response = self.view_func(request)
self.assert_invalid_response(response, status.HTTP_400_BAD_REQUEST)
user.refresh_from_db()
self.assertFalse(user.is_active)
def test_signer_with_different_secret_keys(self):
user = self.create_test_user(is_active=False)
data_to_sign = {'user_id': user.pk}
secrets = [
'#0ka!t#6%28imjz+2t%l(()yu)tg93-1w%$du0*po)*@l+@+4h',
'feb7tjud7m=91$^mrk8dq&nz(0^!6+1xk)%gum#oe%(n)8jic7',
]
signatures = []
for secret in secrets:
with override_settings(SECRET_KEY=secret):
signer = RegisterSigner(data_to_sign)
data = signer.get_signed_data()
signatures.append(data[signer.SIGNATURE_FIELD])
assert signatures[0] != signatures[1]