diff options
| author | Mariusz Felisiak <felisiak.mariusz@gmail.com> | 2021-01-12 20:31:36 +0100 |
|---|---|---|
| committer | Mariusz Felisiak <felisiak.mariusz@gmail.com> | 2021-01-14 17:50:04 +0100 |
| commit | 6b4941dd577c494cfa49dbeacfd33594ae770047 (patch) | |
| tree | bf4948ae43a686ae0e5956d64d7f46cfeb331337 /tests | |
| parent | d32a232fe92e0162030c7905f877d8a07c09e6c7 (diff) | |
Refs #27468 -- Removed support for the pre-Django 3.1 user sessions.
Per deprecation timeline.
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/auth_tests/test_middleware.py | 10 | ||||
| -rw-r--r-- | tests/auth_tests/test_views.py | 23 |
2 files changed, 1 insertions, 32 deletions
diff --git a/tests/auth_tests/test_middleware.py b/tests/auth_tests/test_middleware.py index b6151acb19..c6e0a7cc8d 100644 --- a/tests/auth_tests/test_middleware.py +++ b/tests/auth_tests/test_middleware.py @@ -24,16 +24,6 @@ class TestAuthenticationMiddleware(TestCase): self.assertIsNotNone(self.request.user) self.assertFalse(self.request.user.is_anonymous) - def test_no_password_change_does_not_invalidate_legacy_session(self): - # RemovedInDjango40Warning: pre-Django 3.1 hashes will be invalid. - session = self.client.session - session[HASH_SESSION_KEY] = self.user._legacy_get_session_auth_hash() - session.save() - self.request.session = session - self.middleware(self.request) - self.assertIsNotNone(self.request.user) - self.assertFalse(self.request.user.is_anonymous) - @ignore_warnings(category=RemovedInDjango40Warning) def test_session_default_hashing_algorithm(self): hash_session = self.client.session[HASH_SESSION_KEY] diff --git a/tests/auth_tests/test_views.py b/tests/auth_tests/test_views.py index 4fb61b9be5..e57d661772 100644 --- a/tests/auth_tests/test_views.py +++ b/tests/auth_tests/test_views.py @@ -9,7 +9,7 @@ from django.apps import apps from django.conf import settings from django.contrib.admin.models import LogEntry from django.contrib.auth import ( - BACKEND_SESSION_KEY, HASH_SESSION_KEY, REDIRECT_FIELD_NAME, SESSION_KEY, + BACKEND_SESSION_KEY, REDIRECT_FIELD_NAME, SESSION_KEY, ) from django.contrib.auth.forms import ( AuthenticationForm, PasswordChangeForm, SetPasswordForm, @@ -710,27 +710,6 @@ class LoginTest(AuthViewsTestCase): self.login(password='foobar') self.assertNotEqual(original_session_key, self.client.session.session_key) - def test_legacy_session_key_flushed_on_login(self): - # RemovedInDjango40Warning. - user = User.objects.get(username='testclient') - engine = import_module(settings.SESSION_ENGINE) - session = engine.SessionStore() - session[SESSION_KEY] = user.id - session[HASH_SESSION_KEY] = user._legacy_get_session_auth_hash() - session.save() - original_session_key = session.session_key - self.client.cookies[settings.SESSION_COOKIE_NAME] = original_session_key - # Legacy session key is flushed on login. - self.login() - self.assertNotEqual(original_session_key, self.client.session.session_key) - # Legacy session key is flushed after a password change. - user.set_password('password_2') - user.save() - original_session_key = session.session_key - self.client.cookies[settings.SESSION_COOKIE_NAME] = original_session_key - self.login(password='password_2') - self.assertNotEqual(original_session_key, self.client.session.session_key) - def test_login_session_without_hash_session_key(self): """ Session without django.contrib.auth.HASH_SESSION_KEY should login |
