Dear Django group,
using Django 1.11.3 with Python 2.7, please consider the following test:
def test_passwort_aendern(self):
u = User.objects.create_user("Test", "[email protected]", "Passwort")
self.client.force_login(u)
response = self.client.post("/change_password/", {
"old_password": "Passwort",
"new_password1": "test",
"new_password2": "test",
}, follow=True)
self.assertContains(response, "Password successfully changed")
The test is successful if the URL maps to the (now unfortunately deprecated)
function-based view:
from django.contrib.auth import views as auth_views
urlpatterns = [
# ...
url(r'^change_password/$', auth_views.password_change,
{'post_change_redirect': 'lori:pwd_changed'}, name='change_password'),
]
If I use the class-based view in its place, the test fails:
urlpatterns = [
# ...
url(r'^change_password/$',
auth_views.PasswordChangeView.as_view(success_url='lori:pwd_changed'),
name='change_password'),
]
The test output is:
AssertionError: Couldn't retrieve content: Response code was 400 (expected 200)
When called in the browser, the result is an error page with:
SuspiciousOperation at /change_password/
The request's session was deleted before the request completed. The user may
have logged out in a concurrent request, for example.
The given stack trace is below.
I have so far not been able to figure out the relationship between the session
(which I guess the password change view expires intentionally?) and the error
messageā¦
Any ideas what may be causing this problem?
Best regards,
Carsten
Environment:
Request Method: POST
Request URL: http://localhost/lori/change_password/
Django Version: 1.11.3
Python Version: 2.7.3
Installed Applications:
('django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.staticfiles',
'django.contrib.messages',
'Lori',
'PerfMon',
'Spesen',
'Urlaubsantraege')
Installed Middleware:
['django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'Lori.middleware.ggVerfallenMiddleware']
Traceback:
File
"/home/carsten/.virtualenvs/Zeiterfassung/lib/python2.7/site-packages/django/core/handlers/exception.py"
in inner
41. response = get_response(request)
File
"/home/carsten/.virtualenvs/Zeiterfassung/lib/python2.7/site-packages/django/utils/deprecation.py"
in __call__
142. response = self.process_response(request, response)
File
"/home/carsten/.virtualenvs/Zeiterfassung/lib/python2.7/site-packages/django/contrib/sessions/middleware.py"
in process_response
61. "The request's session was deleted before the
"
Exception Type: SuspiciousOperation at /change_password/
Exception Value: The request's session was deleted before the request
completed. The user may have logged out in a concurrent request, for example.
--
You received this message because you are subscribed to the Google Groups "Django
users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-users/c6cae2db-3436-4342-6d6f-387a9206064e%40cafu.de.
For more options, visit https://groups.google.com/d/optout.
