Fixed #35303 -- Implemented async auth backends and utils.

2025-08-04 10:59:45 +00:00 · 2024-03-31 12:29:10 -07:00 · 2024-03-31 12:29:10 -07:00 · 50f89ae850
commit 50f89ae850
parent 4cad317ff1
17 changed files with 1285 additions and 61 deletions
--- a/tests/auth_tests/test_basic.py
+++ b/tests/auth_tests/test_basic.py
@ -1,5 +1,3 @@
-from asgiref.sync import sync_to_async
-
 from django.conf import settings
 from django.contrib.auth import aget_user, get_user, get_user_model
 from django.contrib.auth.models import AnonymousUser, User
@ -44,6 +42,12 @@ class BasicTestCase(TestCase):
        u2 = User.objects.create_user("testuser2", "test2@example.com")
        self.assertFalse(u2.has_usable_password())

+    async def test_acreate(self):
+        u = await User.objects.acreate_user("testuser", "test@example.com", "testpw")
+        self.assertTrue(u.has_usable_password())
+        self.assertFalse(await u.acheck_password("bad"))
+        self.assertTrue(await u.acheck_password("testpw"))
+
    def test_unicode_username(self):
        User.objects.create_user("jörg")
        User.objects.create_user("Григорий")
@ -73,6 +77,15 @@ class BasicTestCase(TestCase):
        self.assertTrue(super.is_active)
        self.assertTrue(super.is_staff)

+    async def test_asuperuser(self):
+        "Check the creation and properties of a superuser"
+        super = await User.objects.acreate_superuser(
+            "super", "super@example.com", "super"
+        )
+        self.assertTrue(super.is_superuser)
+        self.assertTrue(super.is_active)
+        self.assertTrue(super.is_staff)
+
    def test_superuser_no_email_or_password(self):
        cases = [
            {},
@ -171,13 +184,25 @@ class TestGetUser(TestCase):
            self.assertIsInstance(user, User)
            self.assertEqual(user.username, created_user.username)

-    async def test_aget_user(self):
-        created_user = await sync_to_async(User.objects.create_user)(
+    async def test_aget_user_fallback_secret(self):
+        created_user = await User.objects.acreate_user(
            "testuser", "test@example.com", "testpw"
        )
        await self.client.alogin(username="testuser", password="testpw")
        request = HttpRequest()
        request.session = await self.client.asession()
-        user = await aget_user(request)
-        self.assertIsInstance(user, User)
-        self.assertEqual(user.username, created_user.username)
+        prev_session_key = request.session.session_key
+        with override_settings(
+            SECRET_KEY="newsecret",
+            SECRET_KEY_FALLBACKS=[settings.SECRET_KEY],
+        ):
+            user = await aget_user(request)
+            self.assertIsInstance(user, User)
+            self.assertEqual(user.username, created_user.username)
+            self.assertNotEqual(request.session.session_key, prev_session_key)
+        # Remove the fallback secret.
+        # The session hash should be updated using the current secret.
+        with override_settings(SECRET_KEY="newsecret"):
+            user = await aget_user(request)
+            self.assertIsInstance(user, User)
+            self.assertEqual(user.username, created_user.username)