comparison accounts/tests/test_views.py @ 905:be233ba7ca31

Reworked the registration process. The previous one proved too challenging for some humans. Hopefully this one is simpler but still unusual enough to confuse bots. Also increased test coverage.
author Brian Neal <bgneal@gmail.com>
date Sun, 08 Mar 2015 11:06:07 -0500
parents 9133b4626a4b
children
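--- a/accounts/tests/test_views.py
+++ b/accounts/tests/test_views.py
@@ -44,14 +44,10 @@
 'agree_tos': 'on',
 'agree_privacy': 'on',
 'question1': '101',
 'question2': '',
 'question3': '',
-'question4': u'2',
-'question5': u'328',
-'question6': u'4',
-'question7': [u'2', u'4', u'5', u'7'],
 }
 
 def test_get_view(self):
 """
 Test a simple get of the registration view
@@ -73,10 +69,11 @@
 'agree_age': 'on',
 'agree_tos': 'on',
 'agree_privacy': 'on',
 'question1': '101',
 'question2': '',
+'question3': '',
 })
 
 self.assertEqual(response.status_code, 200)
 self.assertContains(response, 'A user with that username already exists')
 
@@ -175,111 +172,118 @@
 self.post_vals['question3'] = 'non blank'
 response = self.client.post(reverse('accounts-register'),
 self.post_vals)
 self.assertEqual(response.status_code, 200)
 
-def test_question4(self):
-"""
-Ensure our security question 4 works
-
-"""
-self.post_vals['question4'] = u'1'
-response = self.client.post(reverse('accounts-register'),
-self.post_vals)
-self.assertEqual(response.status_code, 200)
-
-self.post_vals['question4'] = u'4'
-response = self.client.post(reverse('accounts-register'),
-self.post_vals)
-self.assertEqual(response.status_code, 200)
-
-self.post_vals['question4'] = u'8'
-response = self.client.post(reverse('accounts-register'),
-self.post_vals)
-self.assertEqual(response.status_code, 200)
-
-def test_question5(self):
-"""
-Ensure our security question 5 works
-
-"""
-self.post_vals['question5'] = u'1'
-response = self.client.post(reverse('accounts-register'),
-self.post_vals)
-self.assertEqual(response.status_code, 200)
-
-self.post_vals['question5'] = u'X'
-response = self.client.post(reverse('accounts-register'),
-self.post_vals)
-self.assertEqual(response.status_code, 200)
-
-self.post_vals['question5'] = u'2983'
-response = self.client.post(reverse('accounts-register'),
-self.post_vals)
-self.assertEqual(response.status_code, 200)
-
-def test_question6(self):
-"""
-Ensure our security question 6 works
-
-"""
-self.post_vals['question6'] = u'1'
-response = self.client.post(reverse('accounts-register'),
-self.post_vals)
-self.assertEqual(response.status_code, 200)
-
-self.post_vals['question6'] = u'2'
-response = self.client.post(reverse('accounts-register'),
-self.post_vals)
-self.assertEqual(response.status_code, 200)
-
-self.post_vals['question6'] = u'8'
-response = self.client.post(reverse('accounts-register'),
-self.post_vals)
-self.assertEqual(response.status_code, 200)
-
-def test_question7(self):
-"""Test security question 7"""
-
-self.post_vals['question7'] = []
-response = self.client.post(reverse('accounts-register'),
-self.post_vals)
-self.assertEqual(response.status_code, 200)
-
-self.post_vals['question7'] = [u'1']
-response = self.client.post(reverse('accounts-register'),
-self.post_vals)
-self.assertEqual(response.status_code, 200)
-
-self.post_vals['question7'] = [u'6', u'2', u'4', u'5', u'7']
-response = self.client.post(reverse('accounts-register'),
-self.post_vals)
-self.assertEqual(response.status_code, 200)
-
-self.post_vals['question7'] = [u'4', u'3', u'7']
-response = self.client.post(reverse('accounts-register'),
-self.post_vals)
-self.assertEqual(response.status_code, 200)
-
 def test_success(self):
 """
 Ensure we can successfully register.
 
 """
 response = self.client.post(reverse('accounts-register'),
 self.post_vals)
-self.assertEqual(response.status_code, 302)
+self.assertRedirects(response, reverse('accounts-register1'))
+
+# No pending user should exist yet
+try:
+pending = PendingUser.objects.get(username='a_new_user')
+except PendingUser.DoesNotExist:
+pass
+else:
+self.fail("PendingUser was created early")
+
+# Should have created a reg_info dict in the session
+reg_info = self.client.session.get('reg_info')
+self.assertEqual(reg_info, {
+'username': self.post_vals['username'],
+'email': self.post_vals['email'],
+'password': self.post_vals['password1'],
+'code': reg_info['code'],
+})
+code = reg_info['code']
+match = re.match(r'\w+-\d{3}', code)
+self.assertIsNotNone(match)
+
+# Get the next page
+response = self.client.get(reverse('accounts-register2'))
+self.assertEqual(response.status_code, 200)
+
+# No pending user should exist yet
+try:
+pending = PendingUser.objects.get(username='a_new_user')
+except PendingUser.DoesNotExist:
+pass
+else:
+self.fail("PendingUser was created early")
+
+# Try bad code
+response = self.client.post(reverse('accounts-register2'),
+{'code': code + code })
+self.assertEqual(response.status_code, 200)
+self.assertContains(response, "The registration code does not match")
+
+# No pending user should exist yet
+try:
+pending = PendingUser.objects.get(username='a_new_user')
+except PendingUser.DoesNotExist:
+pass
+else:
+self.fail("PendingUser was created early")
+
+# Try good code
+response = self.client.post(reverse('accounts-register2'),
+{'code': code })
+self.assertRedirects(response, reverse('accounts-register_thanks'))
+self.assertIsNone(self.client.session.get('reg_info'))
 
 try:
 pending = PendingUser.objects.get(username='a_new_user')
 except PendingUser.DoesNotExist:
 self.fail("PendingUser was not created")
 
 self.assertEqual(pending.email, 'test@example.com')
 self.assertTrue(datetime.datetime.now() - pending.date_joined <
 datetime.timedelta(minutes=1))
 self.assertTrue(check_password('my_password', pending.password))
+
+self.assertEqual(len(mail.outbox), 1)
+msg = mail.outbox[0]
+self.assertTrue(msg.subject.startswith('Registration Confirmation'))
+self.assertTrue(len(msg.to) == 1 and msg.to[0] == pending.email)
+msg_text = msg.message().as_string()
+
+activation_link = 'http://example.com%s' % (
+reverse('accounts-register_confirm',
+kwargs={'username': pending.username,
+'key': pending.key}))
+self.assertTrue(activation_link in msg_text)
+
+# Vist confirm link
+response = self.client.get(reverse('accounts-register_confirm',
+kwargs={'username': pending.username,
+'key': pending.key}))
+self.assertEqual(response.status_code, 200)
+
+try:
+pending = PendingUser.objects.get(username='a_new_user')
+except PendingUser.DoesNotExist:
+pass
+else:
+self.fail("PendingUser was not deleted upon confirmation")
+
+user = User.objects.get(username=pending.username)
+self.assertEqual(user.email, pending.email)
+now = datetime.datetime.now()
+delta = datetime.timedelta(seconds=10)
+self.assertTrue(now - user.last_login < delta)
+self.assertTrue(now - user.date_joined < delta)
+self.assertEqual(user.password, pending.password)
+self.assertEqual(user.first_name, '')
+self.assertEqual(user.last_name, '')
+self.assertFalse(user.is_staff)
+self.assertTrue(user.is_active)
+self.assertFalse(user.is_superuser)
 
 
 class ForgotUsernameTest(TestCase):
 
 def setUp(self):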
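Review bot: The session assertion at new lines 194-201 pins `'password': self.post_vals['password1']`, so the flow is expected to keep the cleartext password in `reg_info` between the first form and the code step; with a database-, cache- or cookie-backed session that value is stored (or handed to the browser) until the code is entered or the session expires. The view is not shown here, so this is inferred from the test, but if it holds I would hash at the first step with `make_password()` and assert with `self.assertTrue(check_password(self.post_vals['password1'], reg_info['password']))`. Separately, `re.match(r'\w+-\d{3}', code)` at new line 203 is not anchored at the end and accepts any trailing text; `r'\w+-\d{3}\Z'` pins the format. test_success lies entirely inside this section, while the enclosing test class starts above it.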
285 def setUp(self): 289 def setUp(self):