PasswordChangeView: show success message only on success (#69463)
License: MIT
This commit is contained in:
parent
46d10c9cf7
commit
0d88a9a610
|
@ -1569,13 +1569,13 @@ class PasswordChangeView(HomeURLMixin, DjPasswordChangeView):
|
|||
|
||||
def form_valid(self, form):
|
||||
hooks.call_hooks('event', name='change-password', user=self.request.user, request=self.request)
|
||||
messages.info(self.request, _('Password changed'))
|
||||
models.PasswordReset.objects.filter(user=self.request.user).delete()
|
||||
try:
|
||||
response = super().form_valid(form)
|
||||
except utils_misc.PasswordChangeError as e:
|
||||
messages.error(self.request, e.message)
|
||||
return utils_misc.redirect(self.request, self.post_change_redirect)
|
||||
messages.info(self.request, _('Password changed'))
|
||||
self.request.journal.record('user.password.change', session=self.request.session)
|
||||
return response
|
||||
|
||||
|
|
|
@ -16,6 +16,7 @@
|
|||
# authentic2
|
||||
|
||||
import datetime
|
||||
from unittest import mock
|
||||
from urllib.parse import urlparse
|
||||
|
||||
import pytest
|
||||
|
@ -38,7 +39,7 @@ def test_profile(app, simple_user):
|
|||
def test_password_change(app, simple_user):
|
||||
simple_user.set_password('hop')
|
||||
simple_user.save()
|
||||
resp = login(app, simple_user, password='hop', path=reverse('password_change'))
|
||||
resp = login(app, simple_user, password='hop', path='/accounts/password/change/')
|
||||
old_session_key = app.session.session_key
|
||||
|
||||
assert resp.form['old_password'].attrs['autocomplete'] == 'current-password'
|
||||
|
@ -49,13 +50,38 @@ def test_password_change(app, simple_user):
|
|||
resp.form['new_password2'] = 'hopAbcde1'
|
||||
resp = resp.form.submit()
|
||||
|
||||
new_session_key = app.session.session_key
|
||||
|
||||
assert old_session_key != new_session_key, 'session\'s key has not been cycled'
|
||||
|
||||
assert resp.location == '/accounts/password/change/done/'
|
||||
|
||||
new_session_key = app.session.session_key
|
||||
assert old_session_key != new_session_key, 'session\'s key has not been cycled'
|
||||
assert_event('user.password.change', user=simple_user, session=app.session)
|
||||
|
||||
resp = resp.follow()
|
||||
assert 'Password changed' in resp
|
||||
|
||||
|
||||
def test_password_change_error(
|
||||
app,
|
||||
simple_user,
|
||||
):
|
||||
from authentic2.utils.misc import PasswordChangeError
|
||||
|
||||
simple_user.set_password('hop')
|
||||
simple_user.save()
|
||||
resp = login(app, simple_user, password='hop', path='/accounts/password/change/')
|
||||
resp.form['old_password'] = 'hop'
|
||||
resp.form['new_password1'] = 'hopAbcde1'
|
||||
resp.form['new_password2'] = 'hopAbcde1'
|
||||
|
||||
with mock.patch(
|
||||
'authentic2.custom_user.models.User.set_password', side_effect=PasswordChangeError('boum!')
|
||||
):
|
||||
resp = resp.form.submit()
|
||||
|
||||
resp = resp.follow()
|
||||
assert 'Password changed' not in resp
|
||||
assert 'boum!' in resp
|
||||
|
||||
|
||||
def test_well_known_password_change(app):
|
||||
resp = app.get('/.well-known/change-password')
|
||||
|
|
Loading…
Reference in New Issue