repoze/who/api.py | ●●●●● patch | view | raw | blame | history | |
repoze/who/middleware.py | ●●●●● patch | view | raw | blame | history | |
repoze/who/tests/test_api.py | ●●●●● patch | view | raw | blame | history |
repoze/who/api.py
@@ -257,7 +257,16 @@ else: identifier = self.identifiers[0][1] # Pretend that the given identifier extracted the identity. return identifier.forget(self.environ, None) headers = identifier.forget(self.environ, None) # we need to remove the identity for hybrid middleware/api usages to # work correctly: middleware calls ``remember`` unconditionally "on # the way out", and if an identity is found, competing login headers # will be set. if 'repoze.who.identity' in self.environ: del self.environ['repoze.who.identity'] return headers def _identify(self): """ See IAPI. repoze/who/middleware.py
@@ -3,7 +3,6 @@ import sys from repoze.who.api import APIFactory from repoze.who.interfaces import IIdentifier from repoze.who.interfaces import IChallenger _STARTED = '-- repoze.who request started (%s) --' repoze/who/tests/test_api.py
@@ -759,10 +759,27 @@ api = self._makeOne(identifiers=identifiers, authenticators=[('authentic', authenticator)], environ=environ) identity, headers = api.login({'login': 'notchrisid'}) self.assertEqual(identity, None) headers = api.logout() self.assertEqual(headers, FORGET_HEADERS) def test_logout_removes_repoze_who_identity(self): class _Identifier: def identify(self, environ): pass def forget(self, environ, identity): pass def remember(self, environ, identity): pass authenticator = DummyFailAuthenticator() environ = self._makeEnviron() environ['repoze.who.identity'] = 'identity' identifiers = [('valid', _Identifier())] api = self._makeOne(identifiers=identifiers, authenticators=[('authentic', authenticator)], environ=environ) api.logout() self.failIf('repoze.who.identity' in environ) def test__identify_success(self): environ = self._makeEnviron() credentials = {'login':'chris', 'password':'password'}