diff --git a/zerver/tests/test_signup.py b/zerver/tests/test_signup.py index f65b8d7dfe..c43145fa53 100644 --- a/zerver/tests/test_signup.py +++ b/zerver/tests/test_signup.py @@ -3,6 +3,7 @@ import datetime from email.utils import parseaddr from django.conf import settings +from django.contrib.auth.views import INTERNAL_RESET_URL_TOKEN from django.contrib.contenttypes.models import ContentType from django.http import HttpResponse from django.test import TestCase, override_settings @@ -240,18 +241,23 @@ class PasswordResetTest(ZulipTestCase): password_reset_url = self.get_confirmation_url_from_outbox( email, url_pattern=settings.EXTERNAL_HOST + r"(\S\S+)") result = self.client_get(password_reset_url) + self.assertEqual(result.status_code, 302) + self.assertTrue(result.url.endswith('/{}/'.format(INTERNAL_RESET_URL_TOKEN))) + + final_reset_url = result.url + result = self.client_get(final_reset_url) self.assertEqual(result.status_code, 200) # Reset your password with self.settings(PASSWORD_MIN_LENGTH=3, PASSWORD_MIN_GUESSES=1000): # Verify weak passwords don't work. - result = self.client_post(password_reset_url, + result = self.client_post(final_reset_url, {'new_password1': 'easy', 'new_password2': 'easy'}) self.assert_in_response("The password is too weak.", result) - result = self.client_post(password_reset_url, + result = self.client_post(final_reset_url, {'new_password1': 'f657gdGGk9', 'new_password2': 'f657gdGGk9'}) # password reset succeeded diff --git a/zproject/urls.py b/zproject/urls.py index 0f877811ad..f024d46d17 100644 --- a/zproject/urls.py +++ b/zproject/urls.py @@ -13,7 +13,7 @@ from zerver.lib.integrations import WEBHOOK_INTEGRATIONS from django.contrib.auth.views import (LoginView, password_reset_done, - password_reset_confirm, password_reset_complete) + PasswordResetConfirmView, password_reset_complete) import zerver.tornado.views import zerver.views @@ -459,10 +459,9 @@ i18n_urls = [ url(r'^accounts/password/reset/done/$', password_reset_done, {'template_name': 'zerver/reset_emailed.html'}), url(r'^accounts/password/reset/(?P[0-9A-Za-z]+)/(?P.+)/$', - password_reset_confirm, - {'post_reset_redirect': '/accounts/password/done/', - 'template_name': 'zerver/reset_confirm.html', - 'set_password_form': zerver.forms.LoggingSetPasswordForm}, + PasswordResetConfirmView.as_view(success_url='/accounts/password/done/', + template_name='zerver/reset_confirm.html', + form_class=zerver.forms.LoggingSetPasswordForm), name='django.contrib.auth.views.password_reset_confirm'), url(r'^accounts/password/done/$', password_reset_complete, {'template_name': 'zerver/reset_done.html'}),