为什么 user.is_authenticated 在注销后断言为真
Why is user.is_authenticated asserting true after logout
我正在尝试编写用于在 Django 中注销用户的测试。这是代码:
urls.py
from django.conf.urls import url
from django.contrib import admin
from accounts.views import LoginView, LogoutView
urlpatterns = [
url(r'^admin/', admin.site.urls),
url(r'^login/', LoginView.as_view(), name='login'),
url(r'^logout/', LogoutView.as_view(), name='logout'),
]
views.py
from django.http import HttpResponseRedirect
from django.contrib.auth import login, logout
from django.views.generic import View
class LogoutView(View):
def get(self, request):
logout(request)
return HttpResponseRedirect('/')
tests.py
from django.test import TestCase, Client
from django.contrib.auth.models import User
class LogoutTest(TestCase):
def setUp(self):
self.client = Client()
self.user = User.objects.create_user(
username='user1',
email='user1_123@gmail.com',
password='top_secret123'
)
def test_user_logs_out(self):
self.client.login(email=self.user.email, password=self.user.password)
self.assertTrue(self.user.is_authenticated)
response = self.client.get('/logout/')
self.assertFalse(self.user.is_authenticated)
self.assertRedirects(response, '/', 302)
断言 self.assertFalse(self.user.is_authenticated) 失败。通过浏览器测试似乎工作正常。似乎用户在调用 logout() 后无法通过身份验证。我错过了什么吗?
It seems like the user would not be authenticated after calling logout(). Am I missing something?
例如,.is_authenticated [Django-doc] does not check if a user is logged in. Every real User returns always True for is_authenticated. An AnonymousUser [Django-doc] 将 return False。如果您因此注销,那么 request.user 将成为 AnonymousUser,因此不会被验证。
换句话说,如果您使用 request.user.is_authenticated,如果会话绑定到用户(您使用浏览器登录),您将在 logged-in 用户上调用它,并且您调用这在 AnonymousUser 以防浏览器未登录 user/the 浏览器注销。
我正在尝试编写用于在 Django 中注销用户的测试。这是代码:
urls.py
from django.conf.urls import url
from django.contrib import admin
from accounts.views import LoginView, LogoutView
urlpatterns = [
url(r'^admin/', admin.site.urls),
url(r'^login/', LoginView.as_view(), name='login'),
url(r'^logout/', LogoutView.as_view(), name='logout'),
]
views.py
from django.http import HttpResponseRedirect
from django.contrib.auth import login, logout
from django.views.generic import View
class LogoutView(View):
def get(self, request):
logout(request)
return HttpResponseRedirect('/')
tests.py
from django.test import TestCase, Client
from django.contrib.auth.models import User
class LogoutTest(TestCase):
def setUp(self):
self.client = Client()
self.user = User.objects.create_user(
username='user1',
email='user1_123@gmail.com',
password='top_secret123'
)
def test_user_logs_out(self):
self.client.login(email=self.user.email, password=self.user.password)
self.assertTrue(self.user.is_authenticated)
response = self.client.get('/logout/')
self.assertFalse(self.user.is_authenticated)
self.assertRedirects(response, '/', 302)
断言 self.assertFalse(self.user.is_authenticated) 失败。通过浏览器测试似乎工作正常。似乎用户在调用 logout() 后无法通过身份验证。我错过了什么吗?
例如,It seems like the user would not be authenticated after calling
logout(). Am I missing something?
.is_authenticated [Django-doc] does not check if a user is logged in. Every real User returns always True for is_authenticated. An AnonymousUser [Django-doc] 将 return False。如果您因此注销,那么 request.user 将成为 AnonymousUser,因此不会被验证。
换句话说,如果您使用 request.user.is_authenticated,如果会话绑定到用户(您使用浏览器登录),您将在 logged-in 用户上调用它,并且您调用这在 AnonymousUser 以防浏览器未登录 user/the 浏览器注销。