Skip to content

Commit

Permalink
Merge pull request #2259 from tomchristie/testclient-logout-also-canc…
Browse files Browse the repository at this point in the history
…els-force-authenticate

`Client.logout()` also clears any `force_authenticate`
  • Loading branch information
tomchristie committed Dec 12, 2014
2 parents 903fb5f + 8825b25 commit fd473aa
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 5 deletions.
5 changes: 5 additions & 0 deletions rest_framework/test.py
Original file line number Diff line number Diff line change
Expand Up @@ -204,6 +204,11 @@ def options(self, path, data=None, format=None, content_type=None,

def logout(self):
self._credentials = {}

# Also clear any `force_authenticate`
self.handler._force_user = None
self.handler._force_token = None

return super(APIClient, self).logout()


Expand Down
20 changes: 15 additions & 5 deletions tests/test_testing.py
Original file line number Diff line number Diff line change
@@ -1,15 +1,13 @@
# -- coding: utf-8 --

# encoding: utf-8
from __future__ import unicode_literals
from django.conf.urls import patterns, url
from io import BytesIO

from django.contrib.auth.models import User
from django.shortcuts import redirect
from django.test import TestCase
from rest_framework.decorators import api_view
from rest_framework.response import Response
from rest_framework.test import APIClient, APIRequestFactory, force_authenticate
from io import BytesIO


@api_view(['GET', 'POST'])
Expand Down Expand Up @@ -109,7 +107,7 @@ def test_explicitly_enforce_csrf_checks(self):

def test_can_logout(self):
"""
`logout()` reset stored credentials
`logout()` resets stored credentials
"""
self.client.credentials(HTTP_AUTHORIZATION='example')
response = self.client.get('/view/')
Expand All @@ -118,6 +116,18 @@ def test_can_logout(self):
response = self.client.get('/view/')
self.assertEqual(response.data['auth'], b'')

def test_logout_resets_force_authenticate(self):
"""
`logout()` resets any `force_authenticate`
"""
user = User.objects.create_user('example', '[email protected]', 'password')
self.client.force_authenticate(user)
response = self.client.get('/view/')
self.assertEqual(response.data['user'], 'example')
self.client.logout()
response = self.client.get('/view/')
self.assertEqual(response.data['user'], '')

def test_follow_redirect(self):
"""
Follow redirect by setting follow argument.
Expand Down

0 comments on commit fd473aa

Please sign in to comment.