diff options
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/auth_tests/test_tokens.py | 23 |
1 files changed, 22 insertions, 1 deletions
diff --git a/tests/auth_tests/test_tokens.py b/tests/auth_tests/test_tokens.py index 42ac71148e..a9ba0e200f 100644 --- a/tests/auth_tests/test_tokens.py +++ b/tests/auth_tests/test_tokens.py @@ -1,4 +1,4 @@ -from datetime import datetime, timedelta +from datetime import date, datetime, timedelta from django.conf import settings from django.contrib.auth.models import User @@ -86,6 +86,27 @@ class TokenGeneratorTest(TestCase): ) self.assertIs(p4.check_token(user, tk1), False) + def test_legacy_days_timeout(self): + # RemovedInDjango40Warning: pre-Django 3.1 tokens will be invalid. + class LegacyPasswordResetTokenGenerator(MockedPasswordResetTokenGenerator): + """Pre-Django 3.1 tokens generator.""" + def _num_seconds(self, dt): + # Pre-Django 3.1 tokens use days instead of seconds. + return (dt.date() - date(2001, 1, 1)).days + + user = User.objects.create_user('tokentestuser', 'test2@example.com', 'testpw') + now = datetime.now() + p0 = LegacyPasswordResetTokenGenerator(now) + tk1 = p0.make_token(user) + p1 = MockedPasswordResetTokenGenerator( + now + timedelta(seconds=settings.PASSWORD_RESET_TIMEOUT), + ) + self.assertIs(p1.check_token(user, tk1), True) + p2 = MockedPasswordResetTokenGenerator( + now + timedelta(seconds=(settings.PASSWORD_RESET_TIMEOUT + 24 * 60 * 60)), + ) + self.assertIs(p2.check_token(user, tk1), False) + def test_check_token_with_nonexistent_token_and_user(self): user = User.objects.create_user('tokentestuser', 'test2@example.com', 'testpw') p0 = PasswordResetTokenGenerator() |
