added unit test for custom lockout template

2026-05-12 17:43:14 +00:00 · 2015-01-02 15:43:38 -05:00 · 2015-01-02 15:43:38 -05:00 · e0393bb2eb
commit e0393bb2eb
parent 2149ef8617
3 changed files with 37 additions and 3 deletions
--- a/README.md
+++ b/README.md
@ -199,7 +199,7 @@ AND a user agent.  This means requests from different user agents but from
 the same IP are treated differently.  Default: ``False``
 * ``DEFENDER_COOLOFF_TIME``: If set, defines a period of inactivity after which
 old failed login attempts will be forgotten. An integer, will be interpreted as a
-number of seconds.  Default: ``300``
+number of seconds. If ``0``, the locks will not expire. Default: ``300``
 * ``DEFENDER_LOCKOUT_TEMPLATE``: If set, specifies a template to render when a
 user is locked out. Template receives cooloff_time and failure_limit as
 context variables. Default: ``None``
@ -219,9 +219,15 @@ Default: ``redis://localhost:6379/0``
 Running Tests
 =============

-Tests can be run, after you clone the repository and having django installed,
-    like:
+Tests can be run, after you clone the repository and having Django installed,
+like:

 ```
 $ PYTHONPATH=$PYTHONPATH:$PWD django-admin.py test defender --settings=defender.test_settings
 ```
+
+With Code coverage:
+
+```
+PYTHONPATH=$PYTHONPATH:$PWD coverage run --source=defender $(which django-admin.py) test defender --settings=defender.test_settings
+```
--- a/defender/templates/defender/lockout.html
+++ b/defender/templates/defender/lockout.html
@ -0,0 +1,7 @@
+<html>
+<body>
+<h1>Locked out</h1>
+<p>Your have attempted to login {{failure_limit}} times, with no success.
+Your account is locked for {{cooloff_time}} seconds</p>
+</body>
+</html>
--- a/defender/tests.py
+++ b/defender/tests.py
@ -211,6 +211,27 @@ class AccessAttemptTest(TestCase):
        self.assertEquals(response.status_code, 302)
        self.assertEquals(response['Location'], 'http://testserver/o/login/')

+    @patch('defender.config.LOCKOUT_TEMPLATE', 'defender/lockout.html')
+    def test_failed_login_redirect_to_template(self):
+        """ Test to make sure that after lockout we send to the correct
+        template """
+
+        for i in range(0, config.FAILURE_LIMIT):
+            response = self._login()
+            # Check if we are in the same login page
+            self.assertContains(response, LOGIN_FORM_KEY)
+
+        # So, we shouldn't have gotten a lock-out yet.
+        # But we should get one now, check template make sure it is valid.
+        response = self._login()
+        self.assertEquals(response.status_code, 200)
+        self.assertTemplateUsed(response, 'defender/lockout.html')
+
+        # doing a get should also get locked out message
+        response = self.client.get(ADMIN_LOGIN_URL)
+        self.assertEquals(response.status_code, 200)
+        self.assertTemplateUsed(response, 'defender/lockout.html')
+
    @patch('defender.config.COOLOFF_TIME', 0)
    def test_failed_login_no_cooloff(self):
        for i in range(0, config.FAILURE_LIMIT):