diff options
| author | Tim Graham <timograham@gmail.com> | 2018-03-20 17:19:27 -0400 |
|---|---|---|
| committer | Tim Graham <timograham@gmail.com> | 2018-03-22 10:03:43 -0400 |
| commit | a4f0e9aec76ee40c938d3bf450ff63211b7ba1f1 (patch) | |
| tree | 65c8d99ed6a2ef86f6ff4773c87900a349e1c735 /tests/auth_tests | |
| parent | d97cce34096043b019e818a7fb98c0f9f073704c (diff) | |
Fixed #28718 -- Allowed user to request a password reset if their password doesn't use an enabled hasher.
Regression in aeb1389442d0f9669edf6660b747fd10693b63a7.
Reverted changes to is_password_usable() from
703c266682be39f7153498ad0d8031231f12ee79 and documentation changes from
92f48680dbd2e02f2b33f6ad0e35b7d337889fb2.
Diffstat (limited to 'tests/auth_tests')
| -rw-r--r-- | tests/auth_tests/test_hashers.py | 8 | ||||
| -rw-r--r-- | tests/auth_tests/test_models.py | 7 |
2 files changed, 12 insertions, 3 deletions
diff --git a/tests/auth_tests/test_hashers.py b/tests/auth_tests/test_hashers.py index 51aaa3d72c..ab34ad78b6 100644 --- a/tests/auth_tests/test_hashers.py +++ b/tests/auth_tests/test_hashers.py @@ -276,9 +276,11 @@ class TestUtilsHashPass(SimpleTestCase): with self.assertRaisesMessage(ValueError, msg % 'lolcat'): identify_hasher('lolcat$salt$hash') - def test_bad_encoded(self): - self.assertFalse(is_password_usable('lètmein_badencoded')) - self.assertFalse(is_password_usable('')) + def test_is_password_usable(self): + passwords = ('lètmein_badencoded', '', None) + for password in passwords: + with self.subTest(password=password): + self.assertIs(is_password_usable(password), True) def test_low_level_pbkdf2(self): hasher = PBKDF2PasswordHasher() diff --git a/tests/auth_tests/test_models.py b/tests/auth_tests/test_models.py index 9438ed8aff..bd83b47677 100644 --- a/tests/auth_tests/test_models.py +++ b/tests/auth_tests/test_models.py @@ -158,6 +158,13 @@ class UserManagerTestCase(TestCase): class AbstractBaseUserTests(TestCase): + def test_has_usable_password(self): + """ + Passwords are usable even if they don't correspond to a hasher in + settings.PASSWORD_HASHERS. + """ + self.assertIs(User(password='some-gibbberish').has_usable_password(), True) + def test_normalize_username(self): self.assertEqual(IntegerUsernameUser().normalize_username(123), 123) |