use client.force_login to not need a password

accounts/tests/test_upload.py

@@ -234,8 +234,8 @@ def test_bulk_describe_view_permissions(self):
         resp = self.client.get(reverse('accounts-bulk-describe', args=[bulk.id]))
         self.assertEqual(resp.status_code, 200)  # After login, page loads normally (200 OK)
 
-        User.objects.create_user("testuser2", password="testpass", email='[email protected]')
-        self.client.login(username='testuser2', password='testpass')
+        user = User.objects.create_user("testuser2", email='[email protected]')
+        self.client.force_login(user)
         resp = self.client.get(reverse('accounts-bulk-describe', args=[bulk.id]))
         self.assertEqual(resp.status_code, 404)  # User without permission (not owner of object) gets 404
 

accounts/tests/test_user.py

@@ -921,8 +921,8 @@ def test_change_username_creates_old_username(self):
     @override_settings(USERNAME_CHANGE_MAX_TIMES=2)
     def test_change_username_form_profile_page(self):
         # Create user and login
-        userA = User.objects.create_user('userA', email='[email protected]', password='testpass')
-        self.client.login(username='userA', password='testpass')
+        userA = User.objects.create_user('userA', email='[email protected]')
+        self.client.force_login(userA)
 
         # Test save profile without changing username (note we set all mandatory fields)
         resp = self.client.post(reverse('accounts-edit'), data={'profile-username': ['userA'], 'profile-ui_theme_preference': 'f'})
@@ -990,11 +990,11 @@ def test_change_username_mark_sounds_dirty(self):
 
     @override_settings(USERNAME_CHANGE_MAX_TIMES=2)
     def test_change_username_form_admin(self):
-        User.objects.create_user('superuser', password='testpass', is_superuser=True, is_staff=True)
-        self.client.login(username='superuser', password='testpass')
+        superuser = User.objects.create_user('superuser', is_superuser=True, is_staff=True)
+        self.client.force_login(superuser)
 
         # Create user and get admin change url
-        userA = User.objects.create_user('userA', email='[email protected]', password='testpass')
+        userA = User.objects.create_user('userA', email='[email protected]')
         admin_change_url = reverse('admin:auth_user_change', args=[userA.id])
 
         post_data = {'username': 'userA',
@@ -1068,8 +1068,8 @@ def test_change_username_case_insensitiveness(self):
         OldUsername entry because usernames should be treated as case insensitive.
         """
         # Create user and login
-        userA = User.objects.create_user('userA', email='[email protected]', password='testpass')
-        self.client.login(username='userA', password='testpass')
+        userA = User.objects.create_user('userA', email='[email protected]')
+        self.client.force_login(userA)
 
         # Rename "userA" to "UserA", should not create OldUsername object
         resp = self.client.post(reverse('accounts-edit'), data={'profile-username': ['UserA'], 'profile-ui_theme_preference': 'f'})
@@ -1090,8 +1090,8 @@ def test_oldusername_username_unique_case_insensitiveness(self):
 class ChangeEmailViaAdminTestCase(TestCase):
 
     def test_change_email_form_admin(self):
-        User.objects.create_user('superuser', password='testpass', is_superuser=True, is_staff=True)
-        self.client.login(username='superuser', password='testpass')
+        superuser = User.objects.create_user('superuser', is_superuser=True, is_staff=True)
+        self.client.force_login(superuser)
 
         # Create user and get admin change url
         userA = User.objects.create_user('userA', email='[email protected]', password='testpass')