Cleaned up tests. Fixes #7 and closes #9 since it works with django-admin by default

2026-05-20 13:21:53 +00:00 · 2013-01-26 17:01:49 -05:00 · 2013-01-26 17:01:49 -05:00 · cbc07d0f98
commit cbc07d0f98
parent 6eb24795fa
1 changed files with 51 additions and 37 deletions
--- a/axes/tests.py
+++ b/axes/tests.py
@ -1,23 +1,30 @@
-from django.test import TestCase, Client
-from django.conf import settings
-from django.contrib import admin
-import random
-from django.contrib.auth.models import User
-
-from models import AccessAttempt
-from decorators import FAILURE_LIMIT
-
 # Only run tests if they have axes in middleware

 # Basically a functional test

+import random
+import string

+from django.test import TestCase
+from django.contrib.auth.models import User
+from django.core.urlresolvers import reverse
+from django.test.utils import override_settings
+
+
+FAILURE_LIMIT = 3
+
+
+@override_settings(
+    AXES_LOGIN_FAILURE_LIMIT=FAILURE_LIMIT,
+    AXES_LOCKOUT_URL=None,
+    AXES_USE_USER_AGENT=False,
+    AXES_COOLOFF_TIME=None,
+    AXES_LOCKOUT_TEMPLATE=None,
+)
 class AccessAttemptTest(TestCase):
-    NOT_GONNA_BE_PASSWORD = "sfdlermmvnLsefrlg0c9gjjPxmvLlkdf2#"
-    NOT_GONNA_BE_USERNAME = "whywouldyouohwhy"
+    """Test case using custom settings for testing"""

    def setUp(self):
-        settings.AXES_LOCKOUT_URL = None
        for i in range(0, random.randrange(10, 50)):
            username = "person%s" % i
            email = "%s@example.org" % username
@ -25,45 +32,52 @@ class AccessAttemptTest(TestCase):
            u.is_staff = True
            u.save()

-    def _gen_bad_password(self):
-        return AccessAttemptTest.NOT_GONNA_BE_PASSWORD + str(random.random())
+    def _generate_random_string(self):
+        """Generates a random string"""
+        return ''.join(random.choice(string.ascii_uppercase + string.digits)
+            for x in range(20))

-    def _random_username(self, correct_username=False):
-        if not correct_username:
-            return (AccessAttemptTest.NOT_GONNA_BE_USERNAME +
-                    str(random.random()))[:30]
-        else:
-            return random.choice(User.objects.filter(is_staff=True))
+    def _random_username(self, existing_username=False):
+        """Returns a username, existing or not depending on params"""
+        if existing_username:
+            return User.objects.order_by('?')[0].username
+
+        return self._generate_random_string()
+
+    def _attempt_login(self, existing_username=False):
+        response = self.client.post(reverse('admin:index'), {
+            'username': self._random_username(existing_username),
+            'password': self._generate_random_string()
+        })

-    def _attempt_login(self, correct_username=False, user=""):
-        response = self.client.post(
-        '/admin/', {'username': self._random_username(correct_username),
-                    'password': self._gen_bad_password()}
-         )
        return response

-    def test_login_max(self, correct_username=False):
+    def test_login_max(self, existing_username=False):
        for i in range(0, FAILURE_LIMIT - 1):
-            response = self._attempt_login(correct_username=correct_username)
-            self.assertContains(response, "this_is_the_login_form")
+            response = self._attempt_login(existing_username=existing_username)
+            # Check if we are in the same login page
+            self.assertEquals(response.status_code, 200)
+
        # So, we shouldn't have gotten a lock-out yet.
        # But we should get one now
        response = self._attempt_login()
-        self.assertContains(response, "Account locked")
+        self.assertContains(response, 'Account locked')

-    def test_login_max_with_more(self, correct_username=False):
+    def test_with_real_username_max(self):
+        self.test_login_max(existing_username=True)
+
+    def test_login_max_with_more_attempts(self, existing_username=False):
        for i in range(0, FAILURE_LIMIT - 1):
-            response = self._attempt_login(correct_username=correct_username)
-            self.assertContains(response, "this_is_the_login_form")
+            response = self._attempt_login(existing_username=existing_username)
+            # Check if we are in the same login page
+            self.assertEquals(response.status_code, 200)
+
        # So, we shouldn't have gotten a lock-out yet.
        # But we should get one now
        for i in range(0, random.randrange(1, 100)):
            # try to log in a bunch of times
            response = self._attempt_login()
-            self.assertContains(response, "Account locked")
-
-    def test_with_real_username_max(self):
-        self.test_login_max(correct_username=True)
+            self.assertContains(response, 'Account locked')

    def test_with_real_username_max_with_more(self):
-        self.test_login_max_with_more(correct_username=True)
+        self.test_login_max_with_more_attempts(existing_username=True)