Context Navigation

← Previous Ticket
Next Ticket →

#14446 closed (fixed)

auth.views.password_reset_confirm should never be cached

Reported by:	Paul McMillan	Owned by:	Paul McMillan
Component:	contrib.auth	Version:	1.2
Severity:		Keywords:
Cc:		Triage Stage:	Ready for checkin
Has patch:	yes	Needs documentation:	no
Needs tests:	no	Patch needs improvement:	no
Easy pickings:	no	UI/UX:	no

Description (last modified by Gabriel Hurley)

I'm splitting this issue off from #14105, as it is separate from the meat of that ticket.

Django.contrib.auth.views.password_reset_confirm needs the never_cache decorator.

To reproduce:

1. Start a new project. Add  django.contrib.admin  and setup a sqlite database. Run manage.py test auth. Result: OK.

2. Relevant bits of settings.py:

    MIDDLEWARE_CLASSES = (
        'django.middleware.cache.UpdateCacheMiddleware',
        'django.middleware.common.CommonMiddleware',
        'django.middleware.cache.FetchFromCacheMiddleware,
    )
    CACHE_BACKEND = 'locmem://'

Run manage.py test auth. Result: (failures=1, errors=11)

This issue is that single failure.

Attachments (1)

password_reset_fix.diff (665 bytes ) - added by Paul McMillan 14 years ago.: Adds the necessary never_cache decorator

Download all attachments as: .zip

Change History (5)

by Paul McMillan, 14 years ago

Attachment:	password_reset_fix.diff added

Adds the necessary never_cache decorator

comment:1 by Gabriel Hurley, 14 years ago

Description:	modified (diff)
Triage Stage:	Unreviewed → Ready for checkin

I can confirm that this patch fixes this test failure, specifically:

======================================================================
FAIL: test_confirm_valid (django.contrib.auth.tests.views.PasswordResetTest)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "C:\Development\django\trunk\django\contrib\auth\tests\views.py", line 91, in test_confirm_valid
    self.assert_("Please enter your new password" in response.content)
AssertionError: False is not True

----------------------------------------------------------------------

The other 11 errors remaining when running the tests under these conditions are still related to #14105.

Updated the description to make it easier to duplicate if anyone else wants to check it prior to committing. Marking as RFC.

comment:2 by Jannis Leidel, 14 years ago

Resolution:	→ fixed
Status:	new → closed

(In [14890]) Fixed #14446 -- Prevented the password reset confirmation view to be cached. Thanks, Paul and Gabriel.

comment:3 by Jannis Leidel, 14 years ago

(In [14909]) [1.2.X] Fixed #14446 -- Prevented the password reset confirmation view to be cached. Thanks, Paul and Gabriel.

Backport from trunk (r14890).

comment:4 by Jacob, 13 years ago

milestone:	1.3

Milestone 1.3 deleted

Note: See TracTickets for help on using tickets.

Download in other formats:

Issues

Context Navigation

#14446 closed (fixed)

auth.views.password_reset_confirm should never be cached

Description (last modified by Gabriel Hurley)

Attachments (1)

Change History (5)

by Paul McMillan, 14 years ago

comment:1 by Gabriel Hurley, 14 years ago

comment:2 by Jannis Leidel, 14 years ago

comment:3 by Jannis Leidel, 14 years ago

comment:4 by Jacob, 13 years ago

Download in other formats:

Django Links

Learn More

Get Involved

Get Help

Follow Us

Support Us