from django.apps import apps
from django.contrib.auth import authenticate, signals
from django.contrib.auth.models import User
from django.core.exceptions import FieldDoesNotExist
from django.test import TestCase, override_settings
from django.test.client import RequestFactory
from .models import MinimalUser, UserWithDisabledLastLoginField
@override_settings(ROOT_URLCONF="auth_tests.urls")
class SignalTestCase(TestCase):
@classmethod
def setUpTestData(cls):
cls.u1 = User.objects.create_user(username="testclient", password="password")
cls.u3 = User.objects.create_user(username="staff", password="password")
def listener_login(self, user, **kwargs):
self.logged_in.append(user)
def listener_logout(self, user, **kwargs):
self.logged_out.append(user)
def listener_login_failed(self, sender, **kwargs):
self.login_failed.append(kwargs)
def setUp(self):
"""Set up the listeners and reset the logged in/logged out counters"""
self.logged_in = []
self.logged_out = []
self.login_failed = []
signals.user_logged_in.connect(self.listener_login)
self.addCleanup(signals.user_logged_in.disconnect, self.listener_login)
signals.user_logged_out.connect(self.listener_logout)
self.addCleanup(signals.user_logged_out.disconnect, self.listener_logout)
signals.user_login_failed.connect(self.listener_login_failed)
self.addCleanup(
signals.user_login_failed.disconnect, self.listener_login_failed
)
def test_login(self):
# Only a successful login will trigger the success signal.
self.client.login(username="testclient", password="bad")
self.assertEqual(len(self.logged_in), 0)
self.assertEqual(len(self.login_failed), 1)
self.assertEqual(self.login_failed[0]["credentials"]["username"], "testclient")
# verify the password is cleansed
self.assertIn("***", self.login_failed[0]["credentials"]["password"])
self.assertIn("request", self.login_failed[0])
# Like this:
self.client.login(username="testclient", password="password")
self.assertEqual(len(self.logged_in), 1)
self.assertEqual(self.logged_in[0].username, "testclient")
# Ensure there were no more failures.
self.assertEqual(len(self.login_failed), 1)
def test_logout_anonymous(self):
# The log_out function will still trigger the signal for anonymous
# users.
self.client.post("/logout/next_page/")
self.assertEqual(len(self.logged_out), 1)
self.assertIsNone(self.logged_out[0])
def test_logout(self):
self.client.login(username="testclient", password="password")
self.client.post("/logout/next_page/")
self.assertEqual(len(self.logged_out), 1)
self.assertEqual(self.logged_out[0].username, "testclient")
def test_update_last_login(self):
"""Only `last_login` is updated in `update_last_login`"""
user = self.u3
old_last_login = user.last_login
user.username = "This username shouldn't get saved"
request = RequestFactory().get("/login")
signals.user_logged_in.send(sender=user.__class__, request=request, user=user)
user = User.objects.get(pk=user.pk)
self.assertEqual(user.username, "staff")
self.assertNotEqual(user.last_login, old_last_login)
def test_failed_login_without_request(self):
authenticate(username="testclient", password="bad")
self.assertIsNone(self.login_failed[0]["request"])
def test_login_with_custom_user_without_last_login_field(self):
"""
The user_logged_in signal is only registered if the user model has a
last_login field.
"""
last_login_receivers = signals.user_logged_in.receivers
try:
signals.user_logged_in.receivers = []
with self.assertRaises(FieldDoesNotExist):
MinimalUser._meta.get_field("last_login")
with self.settings(AUTH_USER_MODEL="auth_tests.MinimalUser"):
apps.get_app_config("auth").ready()
self.assertEqual(signals.user_logged_in.receivers, [])
# last_login is a property whose value is None.
self.assertIsNone(UserWithDisabledLastLoginField().last_login)
with self.settings(
AUTH_USER_MODEL="auth_tests.UserWithDisabledLastLoginField"
):
apps.get_app_config("auth").ready()
self.assertEqual(signals.user_logged_in.receivers, [])
with self.settings(AUTH_USER_MODEL="auth.User"):
apps.get_app_config("auth").ready()
self.assertEqual(len(signals.user_logged_in.receivers), 1)
finally:
signals.user_logged_in.receivers = last_login_receivers