diff options
| author | Tom Christie | 2014-12-12 13:33:06 +0000 |
|---|---|---|
| committer | Tom Christie | 2014-12-12 13:33:06 +0000 |
| commit | fd473aa905337908b41c9a1087967a19f0558f89 (patch) | |
| tree | d72f3f613bbe51716355b9d1d68e5905c2bb2307 | |
| parent | 903fb5ff96615064bf33cfb1dc9882fffe90f5c4 (diff) | |
| parent | 8825b258caa0c51d6dcdb3529dc433c75a76339d (diff) | |
| download | django-rest-framework-fd473aa905337908b41c9a1087967a19f0558f89.tar.bz2 | |
Merge pull request #2259 from tomchristie/testclient-logout-also-cancels-force-authenticate
`Client.logout()` also clears any `force_authenticate`
| -rw-r--r-- | rest_framework/test.py | 5 | ||||
| -rw-r--r-- | tests/test_testing.py | 20 |
2 files changed, 20 insertions, 5 deletions
diff --git a/rest_framework/test.py b/rest_framework/test.py index 74d2c868..4f4b7c20 100644 --- a/rest_framework/test.py +++ b/rest_framework/test.py @@ -204,6 +204,11 @@ class APIClient(APIRequestFactory, DjangoClient): def logout(self): self._credentials = {} + + # Also clear any `force_authenticate` + self.handler._force_user = None + self.handler._force_token = None + return super(APIClient, self).logout() diff --git a/tests/test_testing.py b/tests/test_testing.py index 9fd5966e..87d2b61f 100644 --- a/tests/test_testing.py +++ b/tests/test_testing.py @@ -1,15 +1,13 @@ -# -- coding: utf-8 -- - +# encoding: utf-8 from __future__ import unicode_literals from django.conf.urls import patterns, url -from io import BytesIO - from django.contrib.auth.models import User from django.shortcuts import redirect from django.test import TestCase from rest_framework.decorators import api_view from rest_framework.response import Response from rest_framework.test import APIClient, APIRequestFactory, force_authenticate +from io import BytesIO @api_view(['GET', 'POST']) @@ -109,7 +107,7 @@ class TestAPITestClient(TestCase): def test_can_logout(self): """ - `logout()` reset stored credentials + `logout()` resets stored credentials """ self.client.credentials(HTTP_AUTHORIZATION='example') response = self.client.get('/view/') @@ -118,6 +116,18 @@ class TestAPITestClient(TestCase): response = self.client.get('/view/') self.assertEqual(response.data['auth'], b'') + def test_logout_resets_force_authenticate(self): + """ + `logout()` resets any `force_authenticate` + """ + user = User.objects.create_user('example', 'example@example.com', 'password') + self.client.force_authenticate(user) + response = self.client.get('/view/') + self.assertEqual(response.data['user'], 'example') + self.client.logout() + response = self.client.get('/view/') + self.assertEqual(response.data['user'], '') + def test_follow_redirect(self): """ Follow redirect by setting follow argument. |