Fixed #28718 -- Allowed user to request a password reset if their password doesn't use an enabled hasher.

Regression in aeb1389442d0f9669edf6660b747fd10693b63a7. Reverted changes to is_password_usable() from 703c266682be39f7153498ad0d8031231f12ee79 and documentation changes from 92f48680dbd2e02f2b33f6ad0e35b7d337889fb2.
author: Tim Graham <timograham@gmail.com> 2018-03-20 17:19:27 -0400
committer: Tim Graham <timograham@gmail.com> 2018-03-22 10:03:43 -0400
commit: a4f0e9aec76ee40c938d3bf450ff63211b7ba1f1 (patch)
tree: 65c8d99ed6a2ef86f6ff4773c87900a349e1c735 /tests/auth_tests/test_models.py
parent: d97cce34096043b019e818a7fb98c0f9f073704c (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/tests/auth_tests/test_models.py b/tests/auth_tests/test_models.py
index 9438ed8aff..bd83b47677 100644
--- a/tests/auth_tests/test_models.py
+++ b/tests/auth_tests/test_models.py
@@ -158,6 +158,13 @@ class UserManagerTestCase(TestCase):
 
 class AbstractBaseUserTests(TestCase):
 
+    def test_has_usable_password(self):
+        """
+        Passwords are usable even if they don't correspond to a hasher in
+        settings.PASSWORD_HASHERS.
+        """
+        self.assertIs(User(password='some-gibbberish').has_usable_password(), True)
+
     def test_normalize_username(self):
         self.assertEqual(IntegerUsernameUser().normalize_username(123), 123)
author	Tim Graham <timograham@gmail.com>	2018-03-20 17:19:27 -0400
committer	Tim Graham <timograham@gmail.com>	2018-03-22 10:03:43 -0400
commit	a4f0e9aec76ee40c938d3bf450ff63211b7ba1f1 (patch)
tree	65c8d99ed6a2ef86f6ff4773c87900a349e1c735 /tests/auth_tests/test_models.py
parent	d97cce34096043b019e818a7fb98c0f9f073704c (diff)