Commit 1285ca67 authored by Tim Graham's avatar Tim Graham

Fixed #16919 -- Passed user to set_password_form in GET requests.

Thanks Jaime Irurzun for the report and initial patch and
ejucovy for the test.
parent a80d9ab0
+3 −1
Hello, {{ form.user }}.

{% if validlink %}
Please enter your new password: {{ form }}
{% else %}
+16 −0
@@ -307,6 +307,22 @@ class PasswordResetTest(AuthViewsTestCase):
        self.assertEqual(response.status_code, 302)
        self.assertURLEqual(response.url, '/password_reset/')

    def test_confirm_display_user_from_form(self):
        url, path = self._test_confirm_start()
        response = self.client.get(path)

        # #16919 -- The ``password_reset_confirm`` view should pass the user
        # object to the ``SetPasswordForm``, even on GET requests.
        # For this test, we render ``{{ form.user }}`` in the template
        # ``registration/password_reset_confirm.html`` so that we can test this.
        username = User.objects.get(email='staffmember@example.com').username
        self.assertContains(response, "Hello, %s." % username)

        # However, the view should NOT pass any user object on a form if the
        # password reset link was invalid.
        response = self.client.get('/reset/zzzzzzzzzzzzz/1-1/')
        self.assertContains(response, "Hello, .")


@override_settings(AUTH_USER_MODEL='auth.CustomUser')
class CustomUserPasswordResetTest(AuthViewsTestCase):
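Review bot: The negative case in `test_confirm_display_user_from_form` only requests `/reset/zzzzzzzzzzzzz/1-1/`, which presumably fails at uid decoding, so it never covers a link whose uid resolves to a real account while the token is wrong. That is the case where the view holds a user object and must still not bind it to the form, because rendering it would confirm the account to someone without a valid token. I would add a second GET using the `path` from `_test_confirm_start()` with its token portion altered, followed by `self.assertContains(response, "Hello, .")` and `self.assertNotContains(response, username)`.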
+1 −1
@@ -216,7 +216,7 @@ def password_reset_confirm(request, uidb64=None, token=None,
                form.save()
                return HttpResponseRedirect(post_reset_redirect)
        else:
            form = set_password_form(None)
            form = set_password_form(user)
    else:
        validlink = False
        form = None
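Review bot: The new `set_password_form(user)` call in the GET branch means the rendered page can now carry account-identifying data, and nothing in the hunk says why that is safe. It relies on the link validation that guards this branch, which starts above the hunk, while the final `else` keeps `form = None` for invalid links. I would add a comment above the changed line, `# Link already validated: bind the user so the form can display it on GET.`, and confirm that the view's responses are marked non-cacheable, since its decorators are outside the hunk.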