[1.7.x] Fixed a KeyError on login with legacy sessions; refs #21649.

Thanks Loic for the report. Backport of 11e30b684d from master
2025-10-31 09:41:08 +00:00 · 2014-04-10 08:03:50 -04:00
parent edaff9b0df
commit 548acd77fd
2 changed files with 17 additions and 1 deletions
--- a/django/contrib/auth/tests/test_views.py
+++ b/django/contrib/auth/tests/test_views.py
@@ -595,6 +595,22 @@ class LoginTest(AuthViewsTestCase):
        self.login(password='foobar')
        self.assertNotEqual(original_session_key, self.client.session.session_key)

+    def test_login_session_without_hash_session_key(self):
+        """
+        Session without django.contrib.auth.HASH_SESSION_KEY should login
+        without an exception.
+        """
+        user = User.objects.get(username='testclient')
+        engine = import_module(settings.SESSION_ENGINE)
+        session = engine.SessionStore()
+        session[SESSION_KEY] = user.id
+        session.save()
+        original_session_key = session.session_key
+        self.client.cookies[settings.SESSION_COOKIE_NAME] = original_session_key
+
+        self.login()
+        self.assertNotEqual(original_session_key, self.client.session.session_key)
+

@skipIfCustomUser
 class LoginURLSettings(AuthViewsTestCase):