Fixed #20079 -- Improve security of password reset tokens

2025-10-27 23:56:08 +00:00 · 2013-06-18 20:02:00 +02:00
parent 2c4fe761a0
commit aeb1389442
6 changed files with 27 additions and 19 deletions
--- a/django/contrib/auth/tests/test_models.py
+++ b/django/contrib/auth/tests/test_models.py
@@ -87,7 +87,7 @@ class UserManagerTestCase(TestCase):
        user = User.objects.create_user('user', email_lowercase)
        self.assertEqual(user.email, email_lowercase)
        self.assertEqual(user.username, 'user')
-        self.assertEqual(user.password, '!')
+        self.assertFalse(user.has_usable_password())

    def test_create_user_email_domain_normalize_rfc3696(self):
        # According to  http://tools.ietf.org/html/rfc3696#section-3