Loading django/contrib/auth/management/__init__.py +1 −1 Original line number Diff line number Diff line Loading @@ -108,7 +108,7 @@ def get_default_username(check_db=True): default_username = get_system_username() try: default_username = unicodedata.normalize('NFKD', default_username)\ .encode('ascii', 'ignore').replace(' ', '').lower() .encode('ascii', 'ignore').decode('ascii').replace(' ', '').lower() except UnicodeDecodeError: return '' if not RE_VALID_USERNAME.match(default_username): Loading django/contrib/auth/tests/tokens.py +3 −0 Original line number Diff line number Diff line import sys from datetime import date, timedelta from django.conf import settings from django.contrib.auth.models import User from django.contrib.auth.tokens import PasswordResetTokenGenerator from django.test import TestCase from django.utils import unittest class TokenGeneratorTest(TestCase): Loading Loading @@ -51,6 +53,7 @@ class TokenGeneratorTest(TestCase): p2 = Mocked(date.today() + timedelta(settings.PASSWORD_RESET_TIMEOUT_DAYS + 1)) self.assertFalse(p2.check_token(user, tk1)) @unittest.skipIf(sys.version_info[:2] >= (3, 0), "Unnecessary test with Python 3") def test_date_length(self): """ Make sure we don't allow overly long dates, causing a potential DoS. Loading django/contrib/auth/views.py +1 −1 Original line number Diff line number Diff line Loading @@ -200,7 +200,7 @@ def password_reset_confirm(request, uidb36=None, token=None, try: uid_int = base36_to_int(uidb36) user = User.objects.get(id=uid_int) except (ValueError, User.DoesNotExist): except (ValueError, OverflowError, User.DoesNotExist): user = None if user is not None and token_generator.check_token(user, token): Loading Loading
django/contrib/auth/management/__init__.py +1 −1 Original line number Diff line number Diff line Loading @@ -108,7 +108,7 @@ def get_default_username(check_db=True): default_username = get_system_username() try: default_username = unicodedata.normalize('NFKD', default_username)\ .encode('ascii', 'ignore').replace(' ', '').lower() .encode('ascii', 'ignore').decode('ascii').replace(' ', '').lower() except UnicodeDecodeError: return '' if not RE_VALID_USERNAME.match(default_username): Loading
django/contrib/auth/tests/tokens.py +3 −0 Original line number Diff line number Diff line import sys from datetime import date, timedelta from django.conf import settings from django.contrib.auth.models import User from django.contrib.auth.tokens import PasswordResetTokenGenerator from django.test import TestCase from django.utils import unittest class TokenGeneratorTest(TestCase): Loading Loading @@ -51,6 +53,7 @@ class TokenGeneratorTest(TestCase): p2 = Mocked(date.today() + timedelta(settings.PASSWORD_RESET_TIMEOUT_DAYS + 1)) self.assertFalse(p2.check_token(user, tk1)) @unittest.skipIf(sys.version_info[:2] >= (3, 0), "Unnecessary test with Python 3") def test_date_length(self): """ Make sure we don't allow overly long dates, causing a potential DoS. Loading
django/contrib/auth/views.py +1 −1 Original line number Diff line number Diff line Loading @@ -200,7 +200,7 @@ def password_reset_confirm(request, uidb36=None, token=None, try: uid_int = base36_to_int(uidb36) user = User.objects.get(id=uid_int) except (ValueError, User.DoesNotExist): except (ValueError, OverflowError, User.DoesNotExist): user = None if user is not None and token_generator.check_token(user, token): Loading
