MCPcopy
hub / github.com/django/django / test_login

Method test_login

tests/admin_views/tests.py:2480–2557  ·  view source on GitHub ↗

Make sure only staff members can log in. Successful posts to the login page will redirect to the original url. Unsuccessful attempts will continue to render the login page with a 200 status code.

(self)

Source from the content-addressed store, hash-verified

2478 }
2479
2480 def test_login(self):
2481 """
2482 Make sure only staff members can log in.
2483
2484 Successful posts to the login page will redirect to the original url.
2485 Unsuccessful attempts will continue to render the login page with
2486 a 200 status code.
2487 """
2488 login_url = "%s?next=%s" % (reverse("admin:login"), reverse("admin:index"))
2489 # Super User
2490 response = self.client.get(self.index_url)
2491 self.assertRedirects(response, login_url)
2492 login = self.client.post(login_url, self.super_login)
2493 self.assertRedirects(login, self.index_url)
2494 self.assertFalse(login.context)
2495 self.client.post(reverse("admin:logout"))
2496
2497 # Test if user enters email address
2498 response = self.client.get(self.index_url)
2499 self.assertEqual(response.status_code, 302)
2500 login = self.client.post(login_url, self.super_email_login)
2501 self.assertContains(login, ERROR_MESSAGE)
2502 # only correct passwords get a username hint
2503 login = self.client.post(login_url, self.super_email_bad_login)
2504 self.assertContains(login, ERROR_MESSAGE)
2505 new_user = User(username="jondoe", password="secret", email="super@example.com")
2506 new_user.save()
2507 # check to ensure if there are multiple email addresses a user doesn't
2508 # get a 500
2509 login = self.client.post(login_url, self.super_email_login)
2510 self.assertContains(login, ERROR_MESSAGE)
2511
2512 # View User
2513 response = self.client.get(self.index_url)
2514 self.assertEqual(response.status_code, 302)
2515 login = self.client.post(login_url, self.viewuser_login)
2516 self.assertRedirects(login, self.index_url)
2517 self.assertFalse(login.context)
2518 self.client.post(reverse("admin:logout"))
2519
2520 # Add User
2521 response = self.client.get(self.index_url)
2522 self.assertEqual(response.status_code, 302)
2523 login = self.client.post(login_url, self.adduser_login)
2524 self.assertRedirects(login, self.index_url)
2525 self.assertFalse(login.context)
2526 self.client.post(reverse("admin:logout"))
2527
2528 # Change User
2529 response = self.client.get(self.index_url)
2530 self.assertEqual(response.status_code, 302)
2531 login = self.client.post(login_url, self.changeuser_login)
2532 self.assertRedirects(login, self.index_url)
2533 self.assertFalse(login.context)
2534 self.client.post(reverse("admin:logout"))
2535
2536 # Delete User
2537 response = self.client.get(self.index_url)

Callers

nothing calls this directly

Calls 8

reverseFunction · 0.90
UserClass · 0.90
assertRedirectsMethod · 0.80
assertContainsMethod · 0.80
getMethod · 0.45
postMethod · 0.45
saveMethod · 0.45
assertFormErrorMethod · 0.45

Tested by

no test coverage detected