
Django CSRF Protection Fails During Testing

I'm having issues testing template loading in a Django project. I want to use the views included in django.contrib.auth but use my own login templates. The tests fail and indicate that they are loading the template for CSRF testing failure.

However, if I run the site on my local server everything seems alright.

======================================================================
FAIL: test_login_template_loading (mysite.test.HomePageTest)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/Users/mohitgupta/Documents/Development/mysite.com/src/mysite/test.py", line 23, in test_login_template_loading
    self.assertIn(b'<title> Login', response.content)
AssertionError: b'<title> Login' not found in b'\n<!DOCTYPE html>\n<html lang="en">\n<head>\n  <meta http-equiv="content-type" content="text/html; charset=utf-8">\n  <meta name="robots" content="NONE,NOARCHIVE">\n  <title>403 Forbidden</title>\n  <style type="text/css">\n    html * { padding:0; margin:0; }\n    body * { padding:10px 20px; }\n    body * * { padding:0; }\n    body { font:small sans-serif; background:#eee; }\n    body>div { border-bottom:1px solid #ddd; }\n    h1 { font-weight:normal; margin-bottom:.4em; }\n    h1 span { font-size:60%; color:#666; font-weight:normal; }\n    #info { background:#f6f6f6; }\n    #info ul { margin: 0.5em 4em; }\n    #info p, #summary p { padding-top:10px; }\n    #summary { background: #ffc; }\n    #explanation { background:#eee; border-bottom: 0px none; }\n  </style>\n</head>\n<body>\n<div id="summary">\n  <h1>Forbidden <span>(403)</span></h1>\n  <p>CSRF verification failed. Request aborted.</p>\n\n\n  <p>You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties.</p>\n  <p>If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for &#39;same-origin&#39; requests.</p>\n\n</div>\n\n<div id="explanation">\n  <p><small>More information is available with DEBUG=True.</small></p>\n</div>\n\n</body>\n</html>\n'

----------------------------------------------------------------------
Ran 3 tests in 0.036s

FAILED (failures=1)

This is my test to ensure the right template is loaded.

def test_login_template_loading(self):
    request = HttpRequest()
    response = login(request)
    self.assertIn(b'<title> Login', response.content)
    self.assertTrue(response.content.endswith(b'</html>'))

I've included the csrf token in my form template. In fact the form is taken directly out of the Django documentation.

<!DOCTYPE html>
<html>
    <head>
        <title> Login </title>
    </head>
    <body>
        <h1>TEST</h1>
        {% if form.errors %}
            <p>Your username and password didn't match. Please try again.</p>
        {% endif %}

        {% if next %}
            {% if user.is_authenticated %}
            <p>Your account doesn't have access to this page. To proceed,
            please login with an account that has access.</p>
            {% else %}
            <p>Please login to see this page.</p>
            {% endif %}
        {% endif %}

        <form method="post" action="{% url 'login' %}">
            {% csrf_token %}
            <table>
            <tr>
                <td>{{ form.username.label_tag }}</td>
                <td>{{ form.username }}</td>
            </tr>
            <tr>
                <td>{{ form.password.label_tag }}</td>
                <td>{{ form.password }}</td>
            </tr>
            </table>

            <input type="submit" value="login" />
            <input type="hidden" name="next" value="{{ next }}" />
        </form>
    </body>
</html>

This is stalling my project at stage 1 so I'd really appreciate any ideas as to why this is happening.

Oh man...I wasn't getting enough sleep clearly. It was a poorly structured test.

def test_login_template_loading(self):
    response = self.client.get("/")
    self.assertIn(b'<title>Login', response.content)
    self.assertTrue(response.content.endswith(b'</html>'))

Move along...Nothing to see here :)
