1. from django.contrib.auth.handlers.modwsgi import check_password, groups_for_user

  2. from django.contrib.auth.models import Group, User

  3. from django.test import TransactionTestCase, override_settings

  4. 

  5. from .models import CustomUser

  6. 

  7. 

  8. # This must be a TransactionTestCase because the WSGI auth handler performs

  9. # its own transaction management.

  10. class ModWsgiHandlerTestCase(TransactionTestCase):

  11.     """

  12.     Tests for the mod_wsgi authentication handler

  13.     """

  14. 

  15.     available_apps = [

  16.         "django.contrib.auth",

  17.         "django.contrib.contenttypes",

  18.         "auth_tests",

  19.     ]

  20. 

  21.     def test_check_password(self):

  22.         """

  23.         check_password() returns the correct values as per

  24.         https://modwsgi.readthedocs.io/en/develop/user-guides/access-control-mechanisms.html#apache-authentication-provider

  25.         """

  26.         User.objects.create_user("test", "[email protected]", "test")

  27. 

  28.         # User not in database

  29.         self.assertIsNone(check_password({}, "unknown", ""))

  30. 

  31.         # Valid user with correct password

  32.         self.assertTrue(check_password({}, "test", "test"))

  33. 

  34.         # correct password, but user is inactive

  35.         User.objects.filter(username="test").update(is_active=False)

  36.         self.assertFalse(check_password({}, "test", "test"))

  37. 

  38.         # Valid user with incorrect password

  39.         self.assertFalse(check_password({}, "test", "incorrect"))

  40. 

  41.     @override_settings(AUTH_USER_MODEL="auth_tests.CustomUser")

  42.     def test_check_password_custom_user(self):

  43.         """

  44.         check_password() returns the correct values as per

  45.         https://modwsgi.readthedocs.io/en/develop/user-guides/access-control-mechanisms.html#apache-authentication-provider

  46.         with a custom user installed.

  47.         """

  48.         CustomUser._default_manager.create_user(

  49.             "[email protected]", "1990-01-01", "test"

  50.         )

  51. 

  52.         # User not in database

  53.         self.assertIsNone(check_password({}, "unknown", ""))

  54. 

  55.         # Valid user with correct password'

  56.         self.assertTrue(check_password({}, "[email protected]", "test"))

  57. 

  58.         # Valid user with incorrect password

  59.         self.assertFalse(check_password({}, "[email protected]", "incorrect"))

  60. 

  61.     def test_groups_for_user(self):

  62.         """

  63.         groups_for_user() returns correct values as per

  64.         https://modwsgi.readthedocs.io/en/develop/user-guides/access-control-mechanisms.html#apache-group-authorisation

  65.         """

  66.         user1 = User.objects.create_user("test", "[email protected]", "test")

  67.         User.objects.create_user("test1", "[email protected]", "test1")

  68.         group = Group.objects.create(name="test_group")

  69.         user1.groups.add(group)

  70. 

  71.         # User not in database

  72.         self.assertEqual(groups_for_user({}, "unknown"), [])

  73. 

  74.         self.assertEqual(groups_for_user({}, "test"), [b"test_group"])

  75.         self.assertEqual(groups_for_user({}, "test1"), [])
About Sign Up Leave Feedback Contact