diff options
| -rw-r--r-- | rest_framework/test.py | 5 | ||||
| -rw-r--r-- | tests/test_testing.py | 14 |
2 files changed, 18 insertions, 1 deletions
diff --git a/rest_framework/test.py b/rest_framework/test.py index 74d2c868..4f4b7c20 100644 --- a/rest_framework/test.py +++ b/rest_framework/test.py @@ -204,6 +204,11 @@ class APIClient(APIRequestFactory, DjangoClient): def logout(self): self._credentials = {} + + # Also clear any `force_authenticate` + self.handler._force_user = None + self.handler._force_token = None + return super(APIClient, self).logout() diff --git a/tests/test_testing.py b/tests/test_testing.py index 9fd5966e..f5d2cbcd 100644 --- a/tests/test_testing.py +++ b/tests/test_testing.py @@ -109,7 +109,7 @@ class TestAPITestClient(TestCase): def test_can_logout(self): """ - `logout()` reset stored credentials + `logout()` resets stored credentials """ self.client.credentials(HTTP_AUTHORIZATION='example') response = self.client.get('/view/') @@ -118,6 +118,18 @@ class TestAPITestClient(TestCase): response = self.client.get('/view/') self.assertEqual(response.data['auth'], b'') + def test_logout_resets_force_authenticate(self): + """ + `logout()` resets any `force_authenticate` + """ + user = User.objects.create_user('example', 'example@example.com', 'password') + self.client.force_authenticate(user) + response = self.client.get('/view/') + self.assertEqual(response.data['user'], 'example') + self.client.logout() + response = self.client.get('/view/') + self.assertEqual(response.data['user'], b'') + def test_follow_redirect(self): """ Follow redirect by setting follow argument. |