def test_custom_logout(self):
delta = SessionExpiryPolicyMiddleware().SESSION_INACTIVITY_TIMEOUT + 1
expired = timezone.now() - datetime.timedelta(seconds=delta)
self.session_expiry_test(
SessionExpiryPolicyMiddleware().LAST_ACTIVITY_KEY,
expired,
)
assert mocked_custom_logout.called
def test_session_inactive_too_long(self):
"""
Pretend we are 1 second passed the session inactivity timeout and make sure
the session is cleared.
"""
delta = SessionExpiryPolicyMiddleware().SESSION_INACTIVITY_TIMEOUT + 1
expired = datetime.now() - timedelta(seconds=delta)
self.session_expiry_test(
SessionExpiryPolicyMiddleware().LAST_ACTIVITY_KEY, expired)
def session_expiry_test(self, key, expired):
"""
Verify that expired sessions are cleared from the system. (And that we
redirect to the login page.)
"""
self.assertTrue(self.client.get('/home/').status_code, 200)
session = self.client.session
SessionExpiryPolicyMiddleware._set_datetime_in_session(
key, expired, session)
session.save()
response = self.client.get('/home/')
self.assertRedirects(response, reverse("login") + '?next=/home/')
def test_session_variables_are_set(self):
"""
Verify the session cookie stores the start time and last active time.
"""
self.client.get('/home/')
now = timezone.now()
start_time = SessionExpiryPolicyMiddleware._get_datetime_in_session(
SessionExpiryPolicyMiddleware.START_TIME_KEY, self.client.session)
last_activity = SessionExpiryPolicyMiddleware._get_datetime_in_session(
SessionExpiryPolicyMiddleware.LAST_ACTIVITY_KEY,
self.client.session)
self.assertTrue(now - start_time < datetime.timedelta(seconds=10))
self.assertTrue(now - last_activity < datetime.timedelta(seconds=10))
def test_exempted_session_expiry_urls(self):
delta = SessionExpiryPolicyMiddleware().SESSION_INACTIVITY_TIMEOUT + 1
expired = timezone.now() - datetime.timedelta(seconds=delta)
self.assertTrue(self.client.get('/home/').status_code, 200)
session = self.client.session
session[SessionExpiryPolicyMiddleware().LAST_ACTIVITY_KEY] = expired
session.save()
exempted_response = self.client.get('/accounts/login/')
not_exempted_response = self.client.get('/home/')
self.assertTrue(exempted_response.status_code, 200)
self.assertRedirects(not_exempted_response,
'http://testserver/accounts/login/?next=/home/')
def test_exempted_session_expiry_urls(self):
delta = SessionExpiryPolicyMiddleware().SESSION_INACTIVITY_TIMEOUT + 1
expired = timezone.now() - datetime.timedelta(seconds=delta)
self.assertTrue(self.client.get('/home/').status_code, 200)
session = self.client.session
SessionExpiryPolicyMiddleware._set_datetime_in_session(
SessionExpiryPolicyMiddleware.LAST_ACTIVITY_KEY, expired, session)
session.save()
exempted_response = self.client.get('/accounts/login/')
not_exempted_response = self.client.get('/home/')
self.assertTrue(exempted_response.status_code, 200)
self.assertRedirects(not_exempted_response,
reverse("login") + '?next=/home/')
def test_session_too_old(self):
"""
Pretend we are 1 second passed the session age time and make sure out session
is cleared.
"""
delta = SessionExpiryPolicyMiddleware().SESSION_COOKIE_AGE + 1
expired = datetime.now() - timedelta(seconds=delta)
self.session_expiry_test(SessionExpiryPolicyMiddleware.START_TIME_KEY,
expired)