encode/django-rest-framework
1
1
Fork 0
mirror of https://github.com/encode/django-rest-framework.git synced 2024-11-10 19:56:59 +03:00
Code Issues Packages Projects Releases Wiki Activity

Don't trim whitespace from authtoken passwords

Browse Source 
* Fixes #5148
This commit is contained in:
Thomas Achtemichuk 2017-05-17 14:52:39 -04:00
parent 1ca5a9d042
commit c9c383dfad
No known key found for this signature in database
GPG Key ID: FE3D023793584522
2 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
rest_framework/authtoken/serializers.py
View File

@ -6,7 +6,8 @@ from rest_framework import serializers
class AuthTokenSerializer(serializers.Serializer):
username = serializers.CharField(label=_("Username"))
password = serializers.CharField(label=_("Password"), style={'input_type': 'password'})
password = serializers.CharField(label=_("Password"),
style={'input_type': 'password'}, trim_whitespace=False)
def validate(self, attrs):
username = attrs.get('username')

6
tests/test_authtoken.py
View File

@ -27,3 +27,9 @@ class AuthTokenTests(TestCase):
def test_validate_raise_error_if_no_credentials_provided(self):
with pytest.raises(ValidationError):
AuthTokenSerializer().validate({})
def test_whitespace_in_password(self):
data = {'username': self.user.username, 'password': 'test pass '}
self.user.set_password(data['password'])
self.user.save()
assert AuthTokenSerializer(data=data).is_valid()