You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@allura.apache.org by jo...@apache.org on 2013/11/07 22:07:19 UTC
[06/14] git commit: [#6783] ticket:463 fixed view and tests
[#6783] ticket:463 fixed view and tests
Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/c80b0cda
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/c80b0cda
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/c80b0cda
Branch: refs/heads/master
Commit: c80b0cda9f61cb1cbded2dcc7db74bbd8d0591e2
Parents: b7aced8
Author: coldmind <so...@yandex.ru>
Authored: Sat Oct 26 02:18:53 2013 +0300
Committer: Cory Johns <cj...@slashdotmedia.com>
Committed: Thu Nov 7 21:05:03 2013 +0000
----------------------------------------------------------------------
Allura/allura/controllers/auth.py | 4 ++--
Allura/allura/tests/model/test_auth.py | 13 +++++++++++++
2 files changed, 15 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/c80b0cda/Allura/allura/controllers/auth.py
----------------------------------------------------------------------
diff --git a/Allura/allura/controllers/auth.py b/Allura/allura/controllers/auth.py
index 9ecab1c..700db60 100644
--- a/Allura/allura/controllers/auth.py
+++ b/Allura/allura/controllers/auth.py
@@ -170,7 +170,7 @@ class AuthController(BaseController):
flash('Hash was not found')
redirect('/')
hash_expiry = user_record.get_tool_data('AuthPasswordReset', 'hash_expiry')
- if not hash_expiry or hash_expiry < datetime.datetime.now():
+ if not hash_expiry or hash_expiry < datetime.datetime.utcnow():
flash('Hash time was expired.')
redirect('/')
if request.method == 'POST':
@@ -191,7 +191,7 @@ class AuthController(BaseController):
hash = h.nonce(42)
user_record.set_tool_data('AuthPasswordReset',
hash=hash,
- hash_expiry=datetime.datetime.now() +
+ hash_expiry=datetime.datetime.utcnow() +
datetime.timedelta(hours=int(config['auth.recovery_hash_expiry_period'])))
log.info('Sending password recovery link to %s', email)
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/c80b0cda/Allura/allura/tests/model/test_auth.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/model/test_auth.py b/Allura/allura/tests/model/test_auth.py
index 755e0d1..027ae01 100644
--- a/Allura/allura/tests/model/test_auth.py
+++ b/Allura/allura/tests/model/test_auth.py
@@ -36,6 +36,7 @@ from allura.tests import TestController
from allura.lib.helpers import push_config
from tg import config
from mock import patch
+import datetime
def setUp():
@@ -285,3 +286,15 @@ To reset your password on %s, please visit the following URL:
subject='Password recovery',
message_id=gen_message_id(),
text=text)
+ user = M.User.query.get(username='test-admin')
+ hash = user.get_tool_data('AuthPasswordReset', 'hash')
+ hash_expiry = user.get_tool_data('AuthPasswordReset', 'hash_expiry')
+ assert_equal(hash, '')
+ assert_equal(hash_expiry, '')
+
+ r = self.app.post('/auth/password_recovery_hash', {'email': email._id})
+ hash = user.get_tool_data('AuthPasswordReset', 'hash')
+ hash_expiry = user.get_tool_data('AuthPasswordReset', 'hash_expiry')
+ user.set_tool_data('AuthPasswordReset', hash_expiry=hash_expiry-datetime.timedelta(hours=1))
+ r = self.app.post('/auth/forgotten_password/%s' % hash, {'pw': 154321, 'pw2': 154321})
+ assert_equal(r.status, '302 Found')