Dear Django group,
using Django 1.11.3 with Python 2.7, please consider the following test:
def test_passwort_aendern(self):
u = User.objects.create_user("Test", "t...@example.com", "Passwort")
self.client.force_login(u)
response = self.client.post("/change_password/", {
"old_password": "Passwort",
"new_password1": "test",
"new_password2": "test",
}, follow=True)
self.assertContains(response, "Password successfully changed")
The test is successful if the URL maps to the (now unfortunately deprecated)
function-based view:
from django.contrib.auth import views as auth_views
urlpatterns = [
# ...
url(r'^change_password/$', auth_views.password_change,
{'post_change_redirect': 'lori:pwd_changed'}, name='change_password'),
]
If I use the class-based view in its place, the test fails:
urlpatterns = [
# ...
url(r'^change_password/$',
auth_views.PasswordChangeView.as_view(success_url='lori:pwd_changed'),
name='change_password'),
]
The test output is:
AssertionError: Couldn't retrieve content: Response code was 400 (expected 200)
When called in the browser, the result is an error page with:
SuspiciousOperation at /change_password/
The request's session was deleted before the request completed. The user may
have logged out in a concurrent request, for example.
The given stack trace is below.
I have so far not been able to figure out the relationship between the session
(which I guess the password change view expires intentionally?) and the error
messageā¦
Any ideas what may be causing this problem?
Best regards,
Carsten
Environment:
Request Method: POST
Request URL: http://localhost/lori/change_password/
Django Version: 1.11.3
Python Version: 2.7.3
Installed Applications:
('django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.staticfiles',
'django.contrib.messages',
'Lori',
'PerfMon',
'Spesen',
'Urlaubsantraege')
Installed Middleware:
['django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'Lori.middleware.ggVerfallenMiddleware']
Traceback:
File
"/home/carsten/.virtualenvs/Zeiterfassung/lib/python2.7/site-packages/django/core/handlers/exception.py"
in inner
41. response = get_response(request)
File
"/home/carsten/.virtualenvs/Zeiterfassung/lib/python2.7/site-packages/django/utils/deprecation.py"
in __call__
142. response = self.process_response(request, response)
File
"/home/carsten/.virtualenvs/Zeiterfassung/lib/python2.7/site-packages/django/contrib/sessions/middleware.py"
in process_response
61. "The request's session was deleted before the
"
Exception Type: SuspiciousOperation at /change_password/
Exception Value: The request's session was deleted before the request
completed. The user may have logged out in a concurrent request, for example.
--
You received this message because you are subscribed to the Google Groups "Django
users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-users/c6cae2db-3436-4342-6d6f-387a9206064e%40cafu.de.
For more options, visit https://groups.google.com/d/optout.
