auth: Replace deprecated password_reset_confirm.

Tests require adjusting, because the class-based view has an additional redirect - through /uid/set-password/ and the token is read from the session. See Django code of PasswordResetConfirmView.
2020-02-02 13:51:39 +01:00 · 2020-02-02 13:51:39 +01:00 · 05e08891b2
parent 3fec19d555
commit 05e08891b2
2 changed files with 12 additions and 7 deletions
--- a/zerver/tests/test_signup.py
+++ b/zerver/tests/test_signup.py
@ -3,6 +3,7 @@ import datetime
 from email.utils import parseaddr

 from django.conf import settings
+from django.contrib.auth.views import INTERNAL_RESET_URL_TOKEN
 from django.contrib.contenttypes.models import ContentType
 from django.http import HttpResponse
 from django.test import TestCase, override_settings
@ -240,18 +241,23 @@ class PasswordResetTest(ZulipTestCase):
        password_reset_url = self.get_confirmation_url_from_outbox(
            email, url_pattern=settings.EXTERNAL_HOST + r"(\S\S+)")
        result = self.client_get(password_reset_url)
+        self.assertEqual(result.status_code, 302)
+        self.assertTrue(result.url.endswith('/{}/'.format(INTERNAL_RESET_URL_TOKEN)))
+
+        final_reset_url = result.url
+        result = self.client_get(final_reset_url)
        self.assertEqual(result.status_code, 200)

        # Reset your password
        with self.settings(PASSWORD_MIN_LENGTH=3, PASSWORD_MIN_GUESSES=1000):
            # Verify weak passwords don't work.
-            result = self.client_post(password_reset_url,
+            result = self.client_post(final_reset_url,
                                      {'new_password1': 'easy',
                                       'new_password2': 'easy'})
            self.assert_in_response("The password is too weak.",
                                    result)

-            result = self.client_post(password_reset_url,
+            result = self.client_post(final_reset_url,
                                      {'new_password1': 'f657gdGGk9',
                                       'new_password2': 'f657gdGGk9'})
            # password reset succeeded
--- a/zproject/urls.py
+++ b/zproject/urls.py
@ -13,7 +13,7 @@ from zerver.lib.integrations import WEBHOOK_INTEGRATIONS


 from django.contrib.auth.views import (LoginView, password_reset_done,
-                                       password_reset_confirm, password_reset_complete)
+                                       PasswordResetConfirmView, password_reset_complete)

 import zerver.tornado.views
 import zerver.views
@ -459,10 +459,9 @@ i18n_urls = [
    url(r'^accounts/password/reset/done/$', password_reset_done,
        {'template_name': 'zerver/reset_emailed.html'}),
    url(r'^accounts/password/reset/(?P<uidb64>[0-9A-Za-z]+)/(?P<token>.+)/$',
-        password_reset_confirm,
-        {'post_reset_redirect': '/accounts/password/done/',
-         'template_name': 'zerver/reset_confirm.html',
-         'set_password_form': zerver.forms.LoggingSetPasswordForm},
+        PasswordResetConfirmView.as_view(success_url='/accounts/password/done/',
+                                         template_name='zerver/reset_confirm.html',
+                                         form_class=zerver.forms.LoggingSetPasswordForm),
        name='django.contrib.auth.views.password_reset_confirm'),
    url(r'^accounts/password/done/$', password_reset_complete,
        {'template_name': 'zerver/reset_done.html'}),