From e0393bb2eb0b580d3e9c16760a0ee50963db6aad Mon Sep 17 00:00:00 2001
From: Ken Cochrane <KenCochrane@gmail.com>
Date: Fri, 2 Jan 2015 15:43:38 -0500
Subject: [PATCH] added unit test for custom lockout template

---
 README.md                                | 12 +++++++++---
 defender/templates/defender/lockout.html |  7 +++++++
 defender/tests.py                        | 21 +++++++++++++++++++++
 3 files changed, 37 insertions(+), 3 deletions(-)
 create mode 100644 defender/templates/defender/lockout.html

diff --git a/README.md b/README.md
index 283911b..80713cd 100644
--- a/README.md
+++ b/README.md
@@ -199,7 +199,7 @@ AND a user agent.  This means requests from different user agents but from
 the same IP are treated differently.  Default: ``False``
 * ``DEFENDER_COOLOFF_TIME``: If set, defines a period of inactivity after which
 old failed login attempts will be forgotten. An integer, will be interpreted as a
-number of seconds.  Default: ``300``
+number of seconds. If ``0``, the locks will not expire. Default: ``300``
 * ``DEFENDER_LOCKOUT_TEMPLATE``: If set, specifies a template to render when a
 user is locked out. Template receives cooloff_time and failure_limit as
 context variables. Default: ``None``
@@ -219,9 +219,15 @@ Default: ``redis://localhost:6379/0``
 Running Tests
 =============
 
-Tests can be run, after you clone the repository and having django installed,
-    like:
+Tests can be run, after you clone the repository and having Django installed,
+like:
 
 ```
 $ PYTHONPATH=$PYTHONPATH:$PWD django-admin.py test defender --settings=defender.test_settings
 ```
+
+With Code coverage:
+
+```
+PYTHONPATH=$PYTHONPATH:$PWD coverage run --source=defender $(which django-admin.py) test defender --settings=defender.test_settings
+```
diff --git a/defender/templates/defender/lockout.html b/defender/templates/defender/lockout.html
new file mode 100644
index 0000000..d84ec21
--- /dev/null
+++ b/defender/templates/defender/lockout.html
@@ -0,0 +1,7 @@
+<html>
+<body>
+<h1>Locked out</h1>
+<p>Your have attempted to login {{failure_limit}} times, with no success.
+Your account is locked for {{cooloff_time}} seconds</p>
+</body>
+</html>
diff --git a/defender/tests.py b/defender/tests.py
index 14e854c..2dfb089 100644
--- a/defender/tests.py
+++ b/defender/tests.py
@@ -211,6 +211,27 @@ class AccessAttemptTest(TestCase):
         self.assertEquals(response.status_code, 302)
         self.assertEquals(response['Location'], 'http://testserver/o/login/')
 
+    @patch('defender.config.LOCKOUT_TEMPLATE', 'defender/lockout.html')
+    def test_failed_login_redirect_to_template(self):
+        """ Test to make sure that after lockout we send to the correct
+        template """
+
+        for i in range(0, config.FAILURE_LIMIT):
+            response = self._login()
+            # Check if we are in the same login page
+            self.assertContains(response, LOGIN_FORM_KEY)
+
+        # So, we shouldn't have gotten a lock-out yet.
+        # But we should get one now, check template make sure it is valid.
+        response = self._login()
+        self.assertEquals(response.status_code, 200)
+        self.assertTemplateUsed(response, 'defender/lockout.html')
+
+        # doing a get should also get locked out message
+        response = self.client.get(ADMIN_LOGIN_URL)
+        self.assertEquals(response.status_code, 200)
+        self.assertTemplateUsed(response, 'defender/lockout.html')
+
     @patch('defender.config.COOLOFF_TIME', 0)
     def test_failed_login_no_cooloff(self):
         for i in range(0, config.FAILURE_LIMIT):