Browse Source

[FIX] password_security: auth_totp compatibility

* Modify overloaded web_login action to not trigger a password expiration check
if the login process is not complete yet (e.g. due to auth_totp)
* Add unit test for new logic
* Fix warning caused by unrelated unit test
pull/996/head
Oleg Bulkin 7 years ago
parent
commit
6886b17b1f
  1. 3
      password_security/controllers/main.py
  2. 12
      password_security/tests/test_password_security_home.py

3
password_security/controllers/main.py

@ -36,7 +36,8 @@ class PasswordSecurityHome(AuthSignupHome):
def web_login(self, *args, **kw):
ensure_db()
response = super(PasswordSecurityHome, self).web_login(*args, **kw)
if not request.httprequest.method == 'POST':
login_success = request.params.get('login_success', True)
if not request.httprequest.method == 'POST' or not login_success:
return response
uid = request.session.authenticate(
request.session.db,

12
password_security/tests/test_password_security_home.py

@ -114,6 +114,16 @@ class TestPasswordSecurityHome(TransactionCase):
assets['web_login'](), res,
)
def test_web_login_login_success_flag(self):
"""It should return result of super when login_success flag False"""
with self.mock_assets() as assets:
assets['request'].httprequest.method = 'POST'
assets['request'].params = {'login_success': False}
result = self.password_security_home.web_login()
expected = assets['web_login']()
self.assertEqual(result, expected)
def test_web_login_authenticate(self):
""" It should attempt authentication to obtain uid """
with self.mock_assets() as assets:
@ -217,6 +227,8 @@ class TestPasswordSecurityHome(TransactionCase):
main.AuthSignupHome, 'get_auth_signup_qcontext', spec=dict
) as qcontext:
assets['web_auth_signup'].side_effect = MockPassError
assets['request'].render.return_value = MockResponse()
res = self.password_security_home.web_auth_signup()
assets['request'].render.assert_called_once_with(
'auth_signup.signup', qcontext(),

Loading…
Cancel
Save