diff options
author | Claude Paroz <claude@2xlibre.net> | 2020-02-15 12:20:37 +0100 |
---|---|---|
committer | Mariusz Felisiak <felisiak.mariusz@gmail.com> | 2020-03-02 12:16:48 +0100 |
commit | d4fff711d4c97356bd6ba1273d2a5e349326eb5f (patch) | |
tree | a8522faded6f99d2bd3299e4cb439b22b848ea38 /tests/sessions_tests | |
parent | daaa894960e1b2bce8ee31b7c109be84f598a84e (diff) | |
download | django-d4fff711d4c97356bd6ba1273d2a5e349326eb5f.tar.gz |
Fixed #31274 -- Used signing infrastructure in SessionBase.encode()/decode().
Thanks Mariusz Felisiak and Florian Apolloner for the reviews.
Diffstat (limited to 'tests/sessions_tests')
-rw-r--r-- | tests/sessions_tests/tests.py | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/tests/sessions_tests/tests.py b/tests/sessions_tests/tests.py index fa675fe63d..6c6d7dd3f2 100644 --- a/tests/sessions_tests/tests.py +++ b/tests/sessions_tests/tests.py @@ -311,6 +311,18 @@ class SessionTestsMixin: encoded = self.session.encode(data) self.assertEqual(self.session.decode(encoded), data) + @override_settings(SECRET_KEY='django_tests_secret_key') + def test_decode_legacy(self): + # RemovedInDjango40Warning: pre-Django 3.1 sessions will be invalid. + legacy_encoded = ( + 'OWUzNTNmNWQxNTBjOWExZmM4MmQ3NzNhMDRmMjU4NmYwNDUyNGI2NDp7ImEgdGVzd' + 'CBrZXkiOiJhIHRlc3QgdmFsdWUifQ==' + ) + self.assertEqual( + self.session.decode(legacy_encoded), + {'a test key': 'a test value'}, + ) + def test_decode_failure_logged_to_security(self): bad_encode = base64.b64encode(b'flaskdj:alkdjf').decode('ascii') with self.assertLogs('django.security.SuspiciousSession', 'WARNING') as cm: |