tags:

views:

72

answers:

2
+2  Q: 

Customizable Authencation backends not followed by Django's own login testcases. Why ?

I learnt that using Customizable Authencation backends philosophy, one can create a website which accepts email addresses as usernames. But after building the corresponding logic and testing that my code is working fine, I found one issue with Django's own testcases. They were failing to follow the Customizable Authencation backend philosophy. Meaning, the testcases were actually having hardcoded values('username': 'testclient') for testing the "login" process. Why is that? Django always discourages Tight Coupling. But whats happening here?

I am not bashing Django by any means! I am a big fan and I will be, for years to come. Just want to know the reason behind this!

Update: As @dmishe pointed out those testcases should validate Django's own functionality. I understood that. But how do I let those "failing testcase" errors NOT show up when I run my testcases or run the whole project test suite?

A: 

I don't see a problem here, django.contrib.auth.tests should test auth app and nothing more. Thus, it should test built-in backend which is username/password combination.

Dmitry Shevchenko  2010-01-28 22:24:50
@dmishe! You are right. The more I think about it, the more I am inclined towards finding that, its actually true. But I couldn't be expecting Django's testcases to fail, when I am running my testcases. So is there a feasible solution/workaround just to bypass this problem?
Maddy  2010-01-29 03:05:04
+1  A: 

As dmishe points out, it is not a problem that the contrib.auth tests test the functionality that is built in to the contrib.auth app. It is a problem that those tests are run for user projects by default, and it is easy to break them via normal settings customization. This is a problem the Django developers are aware of and working on possible solutions.

In the meantime, my solution is to define a simple bash script to test only the apps I want to. So instead of "./manage.py test" I run a script that does "./manage.py test app1 app2 app3...". Not perfect, but it's far from the worst of my problems :-)

Update: This commit might interest you.

Carl Meyer  2010-01-29 17:11:17
I expected to solve this with unittest suites. But still, it needs app1, app2, app3 mentioned scenario. So for now I will go with this. But waiting a better solution....
Maddy  2010-02-12 19:09:13
@Carl Thanks about the suggestion. I tried the same approach by overriding settings.INSTALLED_APPS and I removed django.contrib.auth from settings.INSTALLED_APPS(for bypassing "auth" tests). It resulted in the non-creation of "auth_user" table, which is needed for all my other tests. So no luck :(
Maddy  2010-02-14 07:11:22

related questions

How do I write Firefox add-on that automatically enters proxy passwords?
Login Integration in PHP
Strange Rails Authentication Issue
Concurrent logins in a web farm
Is there a browser equivalent to IE's ClearAuthenticationCache?
How can I authenticate using client credentials in WCF just once?
Why can't I connect to my CAS server with Perl's AuthCAS?
Best Solution For Authentication in Ruby on Rails
Authenticate on an ASP.Net Forms Authorization website from a console app
How do I use NTLM authentication with Active Directory
What have you used Windows CardSpace for, if anything
Forms Authentication across Applications
Retreiving the PC Name of a Client? (Windows Auth)
How would you implement FORM based authentication without a backing database?
What's the best way to authenticate over WCF?
Only accepting certain ajax requests from authenticated users
OpenID authentication in Ruby on Rails
OpenID Attribute Exchange - should I use it?
OpenID: which provider should I recommend to my users?
What to use for login ID?
ASP.NET authentication: user name Vs User ID
How do I add SSL to a .net application that uses httplistener - it will *not* be running on IIS
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Checklist for IIS 6/ASP.NET Windows Authentication?
The Definitive Guide To Website Authentication