1 files changed, 9 insertions, 0 deletions

diff --git a/tests/auth_tests/test_views.py b/tests/auth_tests/test_views.py
index e016cd07ff..bb5bd7a087 100644
--- a/tests/auth_tests/test_views.py
+++ b/tests/auth_tests/test_views.py
@@ -28,6 +28,7 @@ from django.middleware.csrf import CsrfViewMiddleware, get_token
 from django.test import Client, TestCase, override_settings
 from django.test.utils import patch_logger
 from django.urls import NoReverseMatch, reverse, reverse_lazy
+from django.utils.http import urlsafe_base64_encode
 from django.utils.translation import LANGUAGE_SESSION_KEY
 
 from .client import PasswordResetConfirmClient
@@ -437,6 +438,14 @@ class UUIDUserPasswordResetTest(CustomUserPasswordResetTest):
         )
         return super()._test_confirm_start()
 
+    def test_confirm_invalid_uuid(self):
+        """A uidb64 that decodes to a non-UUID doesn't crash."""
+        _, path = self._test_confirm_start()
+        invalid_uidb64 = urlsafe_base64_encode('INVALID_UUID'.encode()).decode()
+        first, _uuidb64_, second = path.strip('/').split('/')
+        response = self.client.get('/' + '/'.join((first, invalid_uidb64, second)) + '/')
+        self.assertContains(response, 'The password reset link was invalid')
+
 
 class ChangePasswordTest(AuthViewsTestCase):