diff options
| author | Robert Buchholz <rbu@goodpoint.de> | 2011-11-02 16:56:00 +0100 |
|---|---|---|
| committer | Robert Buchholz <rbu@goodpoint.de> | 2011-11-02 16:57:39 +0100 |
| commit | 4d20038ead23d708bdcbbeacb3c2a09496c10930 (patch) | |
| tree | 7e14f214753b16e5f8e34ed1b9a11499a08e5737 | |
| parent | 42ef9d76250b51ce2581f1743abde5896708c39f (diff) | |
| download | pyramid-4d20038ead23d708bdcbbeacb3c2a09496c10930.tar.gz pyramid-4d20038ead23d708bdcbbeacb3c2a09496c10930.tar.bz2 pyramid-4d20038ead23d708bdcbbeacb3c2a09496c10930.zip | |
DummySession: Correctly implement ISession by generating CSRF token if it's missing
| -rw-r--r-- | pyramid/testing.py | 6 | ||||
| -rw-r--r-- | pyramid/tests/test_testing.py | 5 |
2 files changed, 10 insertions, 1 deletions
diff --git a/pyramid/testing.py b/pyramid/testing.py index e1011f5b4..0e27c301e 100644 --- a/pyramid/testing.py +++ b/pyramid/testing.py @@ -620,7 +620,11 @@ class DummySession(dict): return token def get_csrf_token(self): - return self.get('_csrft_', None) + token = self.get('_csrft_', None) + if token is None: + token = self.new_csrf_token() + return token + @implementer(IRequest) class DummyRequest(DeprecatedRequestMethodsMixin, URLMethodsMixin, diff --git a/pyramid/tests/test_testing.py b/pyramid/tests/test_testing.py index 05ef36fe9..5b0073b81 100644 --- a/pyramid/tests/test_testing.py +++ b/pyramid/tests/test_testing.py @@ -894,6 +894,11 @@ class TestDummySession(unittest.TestCase): self.assertEqual(token, 'token') self.assertTrue('_csrft_' in session) + def test_get_csrf_token_generates_token(self): + session = self._makeOne() + token = session.get_csrf_token() + self.assertNotEqual(token, None) + self.assertTrue(len(token) >= 1) from zope.interface import Interface from zope.interface import implementer |