summaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
Diffstat (limited to 'tests')
-rw-r--r--tests/auth_tests/test_tokens.py23
1 files changed, 22 insertions, 1 deletions
diff --git a/tests/auth_tests/test_tokens.py b/tests/auth_tests/test_tokens.py
index 42ac71148e..a9ba0e200f 100644
--- a/tests/auth_tests/test_tokens.py
+++ b/tests/auth_tests/test_tokens.py
@@ -1,4 +1,4 @@
-from datetime import datetime, timedelta
+from datetime import date, datetime, timedelta
from django.conf import settings
from django.contrib.auth.models import User
@@ -86,6 +86,27 @@ class TokenGeneratorTest(TestCase):
)
self.assertIs(p4.check_token(user, tk1), False)
+ def test_legacy_days_timeout(self):
+ # RemovedInDjango40Warning: pre-Django 3.1 tokens will be invalid.
+ class LegacyPasswordResetTokenGenerator(MockedPasswordResetTokenGenerator):
+ """Pre-Django 3.1 tokens generator."""
+ def _num_seconds(self, dt):
+ # Pre-Django 3.1 tokens use days instead of seconds.
+ return (dt.date() - date(2001, 1, 1)).days
+
+ user = User.objects.create_user('tokentestuser', 'test2@example.com', 'testpw')
+ now = datetime.now()
+ p0 = LegacyPasswordResetTokenGenerator(now)
+ tk1 = p0.make_token(user)
+ p1 = MockedPasswordResetTokenGenerator(
+ now + timedelta(seconds=settings.PASSWORD_RESET_TIMEOUT),
+ )
+ self.assertIs(p1.check_token(user, tk1), True)
+ p2 = MockedPasswordResetTokenGenerator(
+ now + timedelta(seconds=(settings.PASSWORD_RESET_TIMEOUT + 24 * 60 * 60)),
+ )
+ self.assertIs(p2.check_token(user, tk1), False)
+
def test_check_token_with_nonexistent_token_and_user(self):
user = User.objects.create_user('tokentestuser', 'test2@example.com', 'testpw')
p0 = PasswordResetTokenGenerator()