Client.logout() also clears any force_authenticate

This commit is contained in:
Tom Christie 2014-12-12 13:13:08 +00:00
parent 903fb5ff96
commit 78312d44d1
2 changed files with 18 additions and 1 deletions

View File

@ -204,6 +204,11 @@ class APIClient(APIRequestFactory, DjangoClient):
def logout(self): def logout(self):
self._credentials = {} self._credentials = {}
# Also clear any `force_authenticate`
self.handler._force_user = None
self.handler._force_token = None
return super(APIClient, self).logout() return super(APIClient, self).logout()

View File

@ -109,7 +109,7 @@ class TestAPITestClient(TestCase):
def test_can_logout(self): def test_can_logout(self):
""" """
`logout()` reset stored credentials `logout()` resets stored credentials
""" """
self.client.credentials(HTTP_AUTHORIZATION='example') self.client.credentials(HTTP_AUTHORIZATION='example')
response = self.client.get('/view/') response = self.client.get('/view/')
@ -118,6 +118,18 @@ class TestAPITestClient(TestCase):
response = self.client.get('/view/') response = self.client.get('/view/')
self.assertEqual(response.data['auth'], b'') self.assertEqual(response.data['auth'], b'')
def test_logout_resets_force_authenticate(self):
"""
`logout()` resets any `force_authenticate`
"""
user = User.objects.create_user('example', 'example@example.com', 'password')
self.client.force_authenticate(user)
response = self.client.get('/view/')
self.assertEqual(response.data['user'], 'example')
self.client.logout()
response = self.client.get('/view/')
self.assertEqual(response.data['user'], b'')
def test_follow_redirect(self): def test_follow_redirect(self):
""" """
Follow redirect by setting follow argument. Follow redirect by setting follow argument.