Brought back pass verification + added test

2024-11-10 19:26:35 +03:00 · 2016-01-05 14:56:11 +01:00 · 2016-01-05 14:56:11 +01:00 · 99c4dc9d05
commit 99c4dc9d05
parent ec91620550
4 changed files with 25 additions and 9 deletions
--- a/docs/api_endpoints.rst
+++ b/docs/api_endpoints.rst
@ -51,7 +51,8 @@ Registration
 - /rest-auth/registration/ (POST)

    - username
-    - password
+    - password1
+    - password2
    - email

 - /rest-auth/registration/verify-email/ (POST)
--- a/rest_auth/registration/serializers.py
+++ b/rest_auth/registration/serializers.py
@ -122,11 +122,13 @@ class SocialLoginSerializer(serializers.Serializer):

 class RegisterSerializer(serializers.Serializer):
    username = serializers.CharField(
-                               max_length=get_username_max_length(),
-                               min_length=allauth_settings.USERNAME_MIN_LENGTH,
-                               required=allauth_settings.USERNAME_REQUIRED)
+        max_length=get_username_max_length(),
+        min_length=allauth_settings.USERNAME_MIN_LENGTH,
+        required=allauth_settings.USERNAME_REQUIRED
+    )
    email = serializers.EmailField(required=allauth_settings.EMAIL_REQUIRED)
-    password = serializers.CharField(required=True, write_only=True)
+    password1 = serializers.CharField(required=True, write_only=True)
+    password2 = serializers.CharField(required=True, write_only=True)

    def validate_username(self, username):
        username = get_adapter().clean_username(username)
@ -140,16 +142,21 @@ class RegisterSerializer(serializers.Serializer):
                    "A user is already registered with this e-mail address.")
        return email

-    def validate_password(self, password):
+    def validate_password1(self, password):
        return get_adapter().clean_password(password)

+    def validate(self, data):
+        if data['password1'] != data['password2']:
+            raise serializers.ValidationError("The two password fields didn't match.")
+        return data
+
    def custom_signup(self, request, user):
        pass

    def get_cleaned_data(self):
        return {
            'username': self.validated_data.get('username', ''),
-            'password1': self.validated_data.get('password', ''),
+            'password1': self.validated_data.get('password1', ''),
            'email': self.validated_data.get('email', '')
        }

--- a/rest_auth/tests/test_api.py
+++ b/rest_auth/tests/test_api.py
@ -28,7 +28,8 @@ class APITestCase1(TestCase, BaseAPITestCase):
    # data without user profile
    REGISTRATION_DATA = {
        "username": USERNAME,
-        "password": PASS,
+        "password1": PASS,
+        "password2": PASS
    }

    REGISTRATION_DATA_WITH_EMAIL = REGISTRATION_DATA.copy()
@ -271,6 +272,12 @@ class APITestCase1(TestCase, BaseAPITestCase):
        self._login()
        self._logout()

+    def test_registration_with_invalid_password(self):
+        data = self.REGISTRATION_DATA.copy()
+        data['password2'] = 'foobar'
+
+        self.post(self.register_url, data=data, status_code=400)
+
    @override_settings(
        ACCOUNT_EMAIL_VERIFICATION='mandatory',
        ACCOUNT_EMAIL_REQUIRED=True
--- a/rest_auth/tests/test_social.py
+++ b/rest_auth/tests/test_social.py
@ -21,7 +21,8 @@ class TestSocialAuth(TestCase, BaseAPITestCase):
    EMAIL = "person1@world.com"
    REGISTRATION_DATA = {
        "username": USERNAME,
-        "password": PASS,
+        "password1": PASS,
+        "password2": PASS,
        "email": EMAIL
    }