Add check to force users to change password (#2284)

ser8phin
2021-11-11 11:10:33 +01:00
committed by GitHub
parent 245ad644ff
commit 169a6c51b4
11 changed files with 137 additions and 10 deletions


@@ -787,7 +787,9 @@ class SessionTimeOutTest(TestCase):
assert self.client.session['pretix_auth_last_used'] > t1
def test_pinned_user_agent(self):
self.client.defaults['HTTP_USER_AGENT'] = 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36'
self.client.defaults['HTTP_USER_AGENT'] = 'Mozilla/5.0 (X11; Linux x86_64) ' \
'AppleWebKit/537.36 (KHTML, like Gecko) ' \
'Chrome/64.0.3282.140 Safari/537.36'
response = self.client.get('/control/')
self.assertEqual(response.status_code, 200)
@@ -927,3 +929,45 @@ class Obligatory2FATest(TestCase):
response = self.client.get('/control/events/')
assert response.status_code == 200
class PasswordChangeRequiredTest(TestCase):
def setUp(self):
super().setUp()
self.user = User.objects.create_user('dummy@dummy.dummy', 'dummy')
def test_redirect_to_settings(self):
self.user.needs_password_change = True
self.user.save()
self.client.login(email='dummy@dummy.dummy', password='dummy')
response = self.client.get('/control/events/')
self.assertEqual(response.status_code, 302)
assert self.user.needs_password_change is True
self.assertIn('/control/settings?next=/control/events/', response['Location'])
def test_redirect_to_2fa_to_settings(self):
self.user.require_2fa = True
self.user.needs_password_change = True
self.user.save()
response = self.client.post('/control/login?next=/control/events/', {
'email': 'dummy@dummy.dummy',
'password': 'dummy',
})
self.assertEqual(response.status_code, 302)
self.assertIn('/control/login/2fa?next=/control/events/', response['Location'])
d = TOTPDevice.objects.create(user=self.user, name='test')
totp = TOTP(d.bin_key, d.step, d.t0, d.digits, d.drift)
totp.time = time.time()
self.client.post('/control/login/2fa?next=/control/events/'.format(d.pk), {
'token': str(totp.token())
})
response = self.client.get('/control/events/')
self.assertEqual(response.status_code, 302)
self.assertIn('/control/settings?next=/control/events/', response['Location'])
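Review bot: In `test_redirect_to_settings`, `assert self.user.needs_password_change is True` checks the in-memory object the test itself just set, so it cannot fail; put `self.user.refresh_from_db()` before it if the intent is to pin that a redirected request leaves the flag set. In `test_redirect_to_2fa_to_settings` the result of the 2FA POST is discarded and `.format(d.pk)` is applied to a string with no placeholder; capturing the response and asserting `self.assertEqual(response.status_code, 302)` would make a failed second factor show up as such rather than as a mismatched redirect. Both tests exercise only a GET of `/control/events/`. The enforcing code is outside this section, so a case that POSTs to a control view while `needs_password_change` is set would be worth adding to pin that the gate does not depend on the request method.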


@@ -51,8 +51,8 @@ from pretix.testutils.mock import mocker_context
class UserSettingsTest(SoupTest):
def setUp(self):
super().setUp()
self.user = User.objects.create_user('dummy@dummy.dummy', 'dummy')
self.client.login(email='dummy@dummy.dummy', password='dummy')
self.user = User.objects.create_user('dummy@dummy.dummy', 'barfoofoo')
self.client.login(email='dummy@dummy.dummy', password='barfoofoo')
doc = self.get_doc('/control/settings')
self.form_data = extract_form_fields(doc.select('.container-fluid form')[0])
@@ -80,7 +80,7 @@ class UserSettingsTest(SoupTest):
def test_change_email_success(self):
doc = self.save({
'email': 'foo@example.com',
'old_pw': 'dummy'
'old_pw': 'barfoofoo'
})
assert doc.select(".alert-success")
self.user = User.objects.get(pk=self.user.pk)
@@ -90,7 +90,7 @@ class UserSettingsTest(SoupTest):
User.objects.create_user('foo@example.com', 'foo')
doc = self.save({
'email': 'foo@example.com',
'old_pw': 'dummy'
'old_pw': 'barfoofoo'
})
assert doc.select(".alert-danger")
self.user = User.objects.get(pk=self.user.pk)
@@ -112,7 +112,7 @@ class UserSettingsTest(SoupTest):
self.save({
'new_pw': 'foobarbar',
'new_pw_repeat': 'foobarbar',
'old_pw': 'dummy',
'old_pw': 'barfoofoo',
})
pw = self.user.password
self.user = User.objects.get(pk=self.user.pk)
@@ -122,7 +122,7 @@ class UserSettingsTest(SoupTest):
doc = self.save({
'new_pw': 'foobarbar',
'new_pw_repeat': 'foobarbar',
'old_pw': 'dummy',
'old_pw': 'barfoofoo',
})
assert doc.select(".alert-success")
self.user = User.objects.get(pk=self.user.pk)
@@ -132,7 +132,7 @@ class UserSettingsTest(SoupTest):
doc = self.save({
'new_pw': 'foo',
'new_pw_repeat': 'foo',
'old_pw': 'dummy',
'old_pw': 'barfoofoo',
})
assert doc.select(".alert-danger")
pw = self.user.password
@@ -143,7 +143,7 @@ class UserSettingsTest(SoupTest):
doc = self.save({
'new_pw': 'dummy123',
'new_pw_repeat': 'dummy123',
'old_pw': 'dummy',
'old_pw': 'barfoofoo',
})
assert doc.select(".alert-danger")
pw = self.user.password
@@ -154,13 +154,44 @@ class UserSettingsTest(SoupTest):
doc = self.save({
'new_pw': 'foooooooooooooo',
'new_pw_repeat': 'baaaaaaaaaaaar',
'old_pw': 'dummy',
'old_pw': 'barfoofoo',
})
assert doc.select(".alert-danger")
pw = self.user.password
self.user = User.objects.get(pk=self.user.pk)
assert self.user.password == pw
def test_change_password_require_new(self):
doc = self.save({
'new_pw': 'barfoofoo',
'new_pw_repeat': 'barfoofoo',
'old_pw': 'barfoofoo',
})
assert doc.select(".alert-danger")
def test_needs_password_change(self):
self.user.needs_password_change = True
self.user.save()
doc = self.save({
'email': 'foo@example.com',
'old_pw': 'barfoofoo'
})
assert doc.select(".alert-success")
assert doc.select(".alert-warning")
self.user.refresh_from_db()
assert self.user.needs_password_change is True
def test_needs_password_change_changed(self):
self.user.needs_password_change = True
self.user.save()
self.save({
'new_pw': 'foobarbar',
'new_pw_repeat': 'foobarbar',
'old_pw': 'barfoofoo'
})
self.user.refresh_from_db()
assert self.user.needs_password_change is False
@pytest.fixture
def class_monkeypatch(request, monkeypatch):
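Review bot: `test_change_password_require_new` asserts only that `.alert-danger` is rendered; unlike the neighbouring rejection tests it does not confirm the stored hash is unchanged, and it never runs with `needs_password_change` set. The case that matters for a forced change is a user resubmitting the current password: set the flag first and finish with `self.user.refresh_from_db()` and `assert self.user.needs_password_change is True`, so a regression that clears the flag on a rejected form is caught. `test_needs_password_change_changed` discards the document returned by `self.save(...)`; asserting `doc.select(".alert-success")` there would tie the cleared flag to a save that actually succeeded.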