diff options
| author | François Freitag <mail@franek.fr> | 2021-04-20 06:58:51 +0200 |
|---|---|---|
| committer | Mariusz Felisiak <felisiak.mariusz@gmail.com> | 2021-04-20 07:28:06 +0200 |
| commit | b13af4752fa3e5e7c08163902f32260a50f69ef7 (patch) | |
| tree | ba857fdb4f22e43d1cffd359bdbe434a9c825f06 /tests | |
| parent | 3fec16e8acf0724b061a9e3cce25da898052bc9b (diff) | |
Refs #28017 -- Added test for PasswordResetTokenGenerator subclass with a custom secret.
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/auth_tests/test_tokens.py | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/tests/auth_tests/test_tokens.py b/tests/auth_tests/test_tokens.py index 5b48eb9785..af823b1114 100644 --- a/tests/auth_tests/test_tokens.py +++ b/tests/auth_tests/test_tokens.py @@ -111,3 +111,23 @@ class TokenGeneratorTest(TestCase): # Tokens created with a different secret don't validate. self.assertIs(p0.check_token(user, tk1), False) self.assertIs(p1.check_token(user, tk0), False) + + def test_token_with_different_secret_subclass(self): + class CustomPasswordResetTokenGenerator(PasswordResetTokenGenerator): + secret = 'test-secret' + + user = User.objects.create_user('tokentestuser', 'test2@example.com', 'testpw') + custom_password_generator = CustomPasswordResetTokenGenerator() + tk_custom = custom_password_generator.make_token(user) + self.assertIs(custom_password_generator.check_token(user, tk_custom), True) + + default_password_generator = PasswordResetTokenGenerator() + self.assertNotEqual( + custom_password_generator.secret, + default_password_generator.secret, + ) + self.assertEqual(default_password_generator.secret, settings.SECRET_KEY) + # Tokens created with a different secret don't validate. + tk_default = default_password_generator.make_token(user) + self.assertIs(custom_password_generator.check_token(user, tk_default), False) + self.assertIs(default_password_generator.check_token(user, tk_custom), False) |
