summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFrançois Freitag <mail@franek.fr>2021-04-20 06:58:51 +0200
committerMariusz Felisiak <felisiak.mariusz@gmail.com>2021-04-20 07:28:06 +0200
commitb13af4752fa3e5e7c08163902f32260a50f69ef7 (patch)
treeba857fdb4f22e43d1cffd359bdbe434a9c825f06
parent3fec16e8acf0724b061a9e3cce25da898052bc9b (diff)
Refs #28017 -- Added test for PasswordResetTokenGenerator subclass with a custom secret.
-rw-r--r--tests/auth_tests/test_tokens.py20
1 files changed, 20 insertions, 0 deletions
diff --git a/tests/auth_tests/test_tokens.py b/tests/auth_tests/test_tokens.py
index 5b48eb9785..af823b1114 100644
--- a/tests/auth_tests/test_tokens.py
+++ b/tests/auth_tests/test_tokens.py
@@ -111,3 +111,23 @@ class TokenGeneratorTest(TestCase):
# Tokens created with a different secret don't validate.
self.assertIs(p0.check_token(user, tk1), False)
self.assertIs(p1.check_token(user, tk0), False)
+
+ def test_token_with_different_secret_subclass(self):
+ class CustomPasswordResetTokenGenerator(PasswordResetTokenGenerator):
+ secret = 'test-secret'
+
+ user = User.objects.create_user('tokentestuser', 'test2@example.com', 'testpw')
+ custom_password_generator = CustomPasswordResetTokenGenerator()
+ tk_custom = custom_password_generator.make_token(user)
+ self.assertIs(custom_password_generator.check_token(user, tk_custom), True)
+
+ default_password_generator = PasswordResetTokenGenerator()
+ self.assertNotEqual(
+ custom_password_generator.secret,
+ default_password_generator.secret,
+ )
+ self.assertEqual(default_password_generator.secret, settings.SECRET_KEY)
+ # Tokens created with a different secret don't validate.
+ tk_default = default_password_generator.make_token(user)
+ self.assertIs(custom_password_generator.check_token(user, tk_default), False)
+ self.assertIs(default_password_generator.check_token(user, tk_custom), False)