1
from __future__ import unicode_literals
5
from django.core import signing
6
from django.http import HttpRequest, HttpResponse
7
from django.test import TestCase
10
class SignedCookieTest(TestCase):
12
def test_can_set_and_read_signed_cookies(self):
13
response = HttpResponse()
14
response.set_signed_cookie('c', 'hello')
15
self.assertIn('c', response.cookies)
16
self.assertTrue(response.cookies['c'].value.startswith('hello:'))
17
request = HttpRequest()
18
request.COOKIES['c'] = response.cookies['c'].value
19
value = request.get_signed_cookie('c')
20
self.assertEqual(value, 'hello')
22
def test_can_use_salt(self):
23
response = HttpResponse()
24
response.set_signed_cookie('a', 'hello', salt='one')
25
request = HttpRequest()
26
request.COOKIES['a'] = response.cookies['a'].value
27
value = request.get_signed_cookie('a', salt='one')
28
self.assertEqual(value, 'hello')
29
self.assertRaises(signing.BadSignature,
30
request.get_signed_cookie, 'a', salt='two')
32
def test_detects_tampering(self):
33
response = HttpResponse()
34
response.set_signed_cookie('c', 'hello')
35
request = HttpRequest()
36
request.COOKIES['c'] = response.cookies['c'].value[:-2] + '$$'
37
self.assertRaises(signing.BadSignature,
38
request.get_signed_cookie, 'c')
40
def test_default_argument_supresses_exceptions(self):
41
response = HttpResponse()
42
response.set_signed_cookie('c', 'hello')
43
request = HttpRequest()
44
request.COOKIES['c'] = response.cookies['c'].value[:-2] + '$$'
45
self.assertEqual(request.get_signed_cookie('c', default=None), None)
47
def test_max_age_argument(self):
50
time.time = lambda: 123456789
52
response = HttpResponse()
53
response.set_signed_cookie('c', value)
54
request = HttpRequest()
55
request.COOKIES['c'] = response.cookies['c'].value
56
self.assertEqual(request.get_signed_cookie('c'), value)
58
time.time = lambda: 123456800
59
self.assertEqual(request.get_signed_cookie('c', max_age=12), value)
60
self.assertEqual(request.get_signed_cookie('c', max_age=11), value)
61
self.assertRaises(signing.SignatureExpired,
62
request.get_signed_cookie, 'c', max_age = 10)