diff --git a/secretquestions/decorators.py b/secretquestions/decorators.py index 6c5d84e..9bbd99f 100644 --- a/secretquestions/decorators.py +++ b/secretquestions/decorators.py @@ -11,23 +11,28 @@ from django.contrib import messages from .views import SecretQuestionWizard from .conf import SQ_SESSION_KEY, SQ_TOKEN_TTL + def secret_questions_required(view, ttl=SQ_TOKEN_TTL): def _wrapped(request, *args, **kwargs): - session_token, url, date = request.session.get(SQ_SESSION_KEY, - (None, None, datetime.now())) + session_token, url, date = request.session.get(SQ_SESSION_KEY, + (None, + None, + datetime.now() + )) get_token = request.GET.get(SQ_SESSION_KEY, None) date_max = date + timedelta(seconds=ttl) if session_token is None or get_token is None: wiz = SecretQuestionWizard(request) return wiz(request, *args, **kwargs) - + if date_max < datetime.now() or \ not request.get_full_path().startswith(url): if request.method == "POST": messages.error(request, _("Your modifications were canceled.")) url = request.get_full_path() - clean_url = re.sub("(.*)%s=[a..z0..9]*(.*)" % SQ_SESSION_KEY, "\\1", url) + regex_no_session_key = "(.*)%s=[a..z0..9]*(.*)" % SQ_SESSION_KEY + clean_url = re.sub(regex_no_session_key, "\\1", url) return redirect(clean_url) if session_token == get_token: diff --git a/secretquestions/forms.py b/secretquestions/forms.py index 2fa7c6e..1bcf3e8 100644 --- a/secretquestions/forms.py +++ b/secretquestions/forms.py @@ -28,11 +28,12 @@ class AnswerForm(ModelForm): return crypt_answer(data) -_FreeAnswerFormSet = modelformset_factory(Answer, form=AnswerForm, - fields=("question", "secret"), - extra=MAX_SECRET_QUESTIONS, - max_num=MAX_SECRET_QUESTIONS, - can_delete=False) +_FreeAnswerFormSet = modelformset_factory(Answer, + form=AnswerForm, + fields=("question", "secret"), + extra=MAX_SECRET_QUESTIONS, + max_num=MAX_SECRET_QUESTIONS, + can_delete=False) class AnswerFormSet(_FreeAnswerFormSet): @@ -56,11 +57,11 @@ class AnswerFormSet(_FreeAnswerFormSet): except: question = None if question is None: - raise forms.ValidationError( - _("All questions have to be selected.")) + error_msg = _("All questions have to be selected.") + raise forms.ValidationError(error_msg) if question in questions: - raise forms.ValidationError( - _("Each question has to be different.")) + error_msg = _("Each question has to be different.") + raise forms.ValidationError(error_msg) questions.append(question) return super(AnswerFormSet, self).clean() @@ -79,7 +80,7 @@ class UsernameForm(forms.Form): class QuestionForm(forms.Form): raw_answer = forms.CharField() - + def clean_raw_answer(self): data = self.cleaned_data['raw_answer'] if not check_answer(data, self.answer.secret): diff --git a/secretquestions/models.py b/secretquestions/models.py index a373b4d..61a9353 100644 --- a/secretquestions/models.py +++ b/secretquestions/models.py @@ -16,6 +16,7 @@ def crypt_answer(raw): def check_answer(raw, crypted): return check_password(raw, crypted) + class Question(models.Model): text = models.CharField(max_length=255) diff --git a/secretquestions/tests/common.py b/secretquestions/tests/common.py index 2163112..da63625 100644 --- a/secretquestions/tests/common.py +++ b/secretquestions/tests/common.py @@ -7,6 +7,7 @@ from django.contrib.auth.models import User from secretquestions.models import Question + class SecretQuestionTest(TestCase): client = Client() @@ -27,5 +28,3 @@ class SecretQuestionTest(TestCase): self.question2 = Question.objects.create(text="question2") self.question3 = Question.objects.create(text="question3") self.questions = (self.question1, self.question2, self.question3) - - diff --git a/secretquestions/tests/configuration.py b/secretquestions/tests/configuration.py index b7e532a..03ed23d 100644 --- a/secretquestions/tests/configuration.py +++ b/secretquestions/tests/configuration.py @@ -28,7 +28,7 @@ class ConfigurationTest(SecretQuestionTest): Check if setup page is accessible from authenticated people """ self.assertEqual(self.client.login(username=self.username, - password=self.password), True) + password=self.password), True) url = reverse('sq_setup') response = self.client.get(url) @@ -40,39 +40,36 @@ class ConfigurationTest(SecretQuestionTest): """ raw_password = 'xxx' self.assertEqual(self.client.login(username=self.username, - password=self.password), True) + password=self.password), True) url = reverse('sq_setup') - data = { - 'form-TOTAL_FORMS': u'1', + data = {'form-TOTAL_FORMS': u'1', 'form-INITIAL_FORMS': u'0', 'form-MAX_NUM_FORMS': u'', - 'form-0-question': self.question1.id, - 'form-0-secret': raw_password, - } + 'form-0-question': self.question1.id, + 'form-0-secret': raw_password, } + response = self.client.post(url, data) self.assertEqual(response.status_code, 302) answer = Answer.objects.get(user=self.user, question=self.question1) self.assertNotEqual(answer.secret, raw_password) self.assertNotEqual(answer.secret, '') - def test_setting_empty_answer_for_one_question(self): """ Check if the answer is not empty """ raw_password = '' self.assertEqual(self.client.login(username=self.username, - password=self.password), True) + password=self.password), True) url = reverse('sq_setup') - data = { - 'form-TOTAL_FORMS': u'1', + data = {'form-TOTAL_FORMS': u'1', 'form-INITIAL_FORMS': u'0', 'form-MAX_NUM_FORMS': u'', - 'form-0-question': self.question1.id, - 'form-0-secret': raw_password, - } + 'form-0-question': self.question1.id, + 'form-0-secret': raw_password, } + response = self.client.post(url, data) self.assertEqual(response.status_code, 200) with self.assertRaises(Answer.DoesNotExist): @@ -90,4 +87,3 @@ class ConfigurationTest(SecretQuestionTest): self.assertFalse(raw_password in response.content) answer = Answer.objects.get(user=self.user, question=self.question1) self.assertFalse(answer.secret in response.content) - diff --git a/secretquestions/tests/settings.py b/secretquestions/tests/settings.py index 30910d4..1deaf72 100644 --- a/secretquestions/tests/settings.py +++ b/secretquestions/tests/settings.py @@ -4,17 +4,12 @@ SECRET_KEY = 'secret' ROOT_URLCONF = 'secretquestions.tests.urls' -DATABASES = { - 'default': { - 'ENGINE': 'django.db.backends.sqlite3', - 'NAME': ':memory:', - } - } +DATABASES = {'default': + {'ENGINE': 'django.db.backends.sqlite3', 'NAME': ':memory:', }} -INSTALLED_APPS = ( - 'django.contrib.auth', - 'django.contrib.contenttypes', - 'django.contrib.sessions', - 'django.contrib.admin', - 'registration', - 'secretquestions',) +INSTALLED_APPS = ('django.contrib.auth', + 'django.contrib.contenttypes', + 'django.contrib.sessions', + 'django.contrib.admin', + 'registration', + 'secretquestions',) diff --git a/secretquestions/tests/urls.py b/secretquestions/tests/urls.py index 12e9f41..7a851c7 100644 --- a/secretquestions/tests/urls.py +++ b/secretquestions/tests/urls.py @@ -5,7 +5,6 @@ from django.contrib import admin admin.autodiscover() urlpatterns = patterns('', - (r'^admin/(.*)', include(admin.site.urls)), - (r'^accounts/', include('registration.urls')), - (r'^secret/', include('secretquestions.urls')), -) + (r'^admin/(.*)', include(admin.site.urls)), + (r'^accounts/', include('registration.urls')), + (r'^secret/', include('secretquestions.urls')),) diff --git a/secretquestions/urls.py b/secretquestions/urls.py index eecfc63..d2198f9 100644 --- a/secretquestions/urls.py +++ b/secretquestions/urls.py @@ -3,6 +3,6 @@ from django.conf.urls.defaults import patterns, url urlpatterns = patterns('', - url(r'questions/setup$', 'secretquestions.views.setup_form', - name="sq_setup"), -) + url(r'questions/setup$', + 'secretquestions.views.setup_form', + name="sq_setup"), ) diff --git a/secretquestions/views.py b/secretquestions/views.py index 5d3784a..10285bb 100644 --- a/secretquestions/views.py +++ b/secretquestions/views.py @@ -20,13 +20,15 @@ from django.middleware.csrf import _get_new_csrf_key from .forms import AnswerFormSet, UsernameForm, QuestionForm from .conf import SQ_SESSION_KEY + @login_required def setup_form(request): if request.method == 'POST': formset = AnswerFormSet(request.POST, user=request.user) if formset.is_valid(): formset.save_all() - messages.info(request, _("Your secret answers were successfully saved.")) + messages.info(request, + _("Your secret answers were successfully saved.")) return redirect(settings.LOGIN_REDIRECT_URL) else: formset = AnswerFormSet(user=request.user) @@ -37,7 +39,7 @@ def setup_form(request): class SecretQuestionWizard(FormWizard): - __name__ = 'SecretQuestionWizard' # fix for debugtoolbar introspection + __name__ = 'SecretQuestionWizard' # fix for debugtoolbar introspection def __init__(self, request): self.user = None @@ -74,18 +76,17 @@ class SecretQuestionWizard(FormWizard): return 'secretquestions/step.html' def done(self, request, form_list): - for form in form_list: if not form.is_valid(): return self.redirect token = _get_new_csrf_key() path = urlparse(self.redirect).path - params = parse_qs(urlparse(self.redirect).query, keep_blank_values=True) + params = parse_qs(urlparse(self.redirect).query, + keep_blank_values=True) params[SQ_SESSION_KEY] = token qs = urlencode(params) url = "%s?%s" % (path, qs) - request.session[SQ_SESSION_KEY] = (token, path, datetime.now()) return redirect(url)