mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-01-14 04:18:17 +00:00
Code Issues 32 Releases Wiki Activity
23,196 Commits 28 Branches 426 Tags 661 MiB
0368d63a78
Commit Graph

112 Commits

Author SHA1 Message Date
Tim Graham
0368d63a78 Fixed indentation in previous commit. 2016-09-10 18:39:13 -04:00
Alexander Gaevsky
536db42cf0 Fixed #26097 -- Added password_validators_help_text_html to UserCreationForm. 2016-09-10 18:23:18 -04:00
Jon Dufresne
66e1ebbffc Fixed #26956 -- Added success_url_allowed_hosts to LoginView and LogoutView. 
Allows specifying additional hosts to redirect after login and log out.
 2016-09-07 19:56:25 -07:00
Jon Dufresne
488b3d2b38 Fixed typo in auth management test. 2016-08-28 19:20:35 -07:00
Berker Peksag
3c18f8a3d2 Fixed #27111 -- Fixed KeyError if USERNAME_FIELD isn't in UserCreationForm.fields. 2016-08-24 13:20:12 -04:00
Przemysław Suliga
549b90fab3 Refs #26902 -- Protected against insecure redirects in Login/LogoutView. 2016-08-19 19:01:01 -04:00
Tim Graham
13857b45ca Removed unused 'password' parameter in auth_tests. 2016-08-18 19:01:28 -04:00
Tim Graham
7549eb0004 Fixed #27009 -- Made update_session_auth_hash() rotate the session key. 2016-08-15 19:29:12 -04:00
Andrew Nester
4591cf3fd8 Fixed #26909 -- Allowed UserAttributeSimilarityValidator to validate against model properties. 2016-08-10 15:08:06 -04:00
jordij
0814566bf1 Fixed #26960 -- Added PasswordResetConfirmView option to automatically log in after a reset. 2016-08-10 10:23:16 -04:00
Olexander Yermakov
975a76a964 Fixed #26951 -- Allowed AuthenticationForm to work with a username of 0. 2016-08-10 09:44:48 -04:00
Sergey Yurchenko
4e64e3bb6e Fixed #26997 -- Fixed checks crash with empty Meta.default_permissions. 2016-08-03 09:14:01 -04:00
Andrew Nester
0ba179194b Fixed #26929 -- Deprecated extra_context parameter of contrib.auth.views.logout_then_login(). 2016-07-28 11:57:02 -04:00
Tim Graham
412b4126d7 Removed a blank line per isort and a trailing whitespace. 2016-07-28 11:56:25 -04:00
Andrew Nester
dde6288fbe Fixed #26882 -- Added tests for auth.views.logout_then_login(). 2016-07-22 15:04:13 -04:00
Claude Paroz
255fb99284 Fixed #17209 -- Added password reset/change class-based views 
Thanks Tim Graham for the review.
 2016-07-16 10:36:12 +02:00
Bang Dao + Tam Huynh
09119dff14 Fixed #26719 -- Normalized email in AbstractUser.clean(). 2016-06-24 10:37:38 -04:00
Claude Paroz
78963495d0 Refs #17209 -- Added LoginView and LogoutView class-based views 
Thanks Tim Graham for the review.
 2016-06-24 10:45:13 +02:00
Tim Graham
39805686b3 Refs #21379, #26719 -- Moved username normalization to AbstractBaseUser. 
Thanks Huynh Thanh Tam for the initial patch and Claude Paroz for review.
 2016-06-21 16:19:37 -04:00
Jon Dufresne
4f336f6652 Fixed #26747 -- Used more specific assertions in the Django test suite. 2016-06-16 14:19:18 -04:00
Tim Graham
1915a7e5c5 Increased the default PBKDF2 iterations. 2016-05-20 09:19:19 -04:00
Simon Charette
7694e196ce
Moved the AUTH_USER_MODEL setting changed receiver. 
Test suites besides Django's may need the same behavior.
 2016-05-18 09:56:29 -04:00
Loïc Bistuer
4ff1e6ef58 Fixed running auth_tests in isolation after 3a47d42fa3. 2016-05-18 06:38:42 -04:00
Tim Graham
ece4d24f8e Refs #26601 -- Deprecated old-style middleware. 2016-05-17 07:22:26 -04:00
Florian Apolloner
9baf692a58 Fixed #26601 -- Improved middleware per DEP 0005. 
Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP.
 2016-05-17 07:22:22 -04:00
Loïc Bistuer
3a47d42fa3 Fixed #20932, #25897 -- Streamlined manager inheritance. 2016-05-17 02:29:22 +07:00
Claude Paroz
9935f97cd2 Refs #21379 -- Normalized unicode username inputs 2016-05-16 19:38:02 +02:00
Claude Paroz
526575c641 Fixed #21379 -- Created auth-specific username validators 
Thanks Tim Graham for the review.
 2016-05-16 19:37:57 +02:00
Simon Charette
61a16e0270 Fixed #24075 -- Used post-migration models in contrib apps receivers. 
Thanks Markus and Tim for the review.
 2016-05-15 19:51:16 -04:00
Claude Paroz
b26fedacef Fixed #26544 -- Delayed translations of SetPasswordForm help_texts 
Thanks Michael Bitzi for the reporti and Tim Graham for the review.
 2016-05-07 10:17:49 +02:00
Tim Graham
03efa304bc Refs #25847 -- Added system check for UserModel.is_anonymous/is_authenticated methods. 2016-05-06 08:56:06 -04:00
Tim Graham
f945fb24a3 Fixed #26554 -- Updated docs URLs to readthedocs.io 2016-04-28 10:09:57 -04:00
Bas Westerbaan
a5033dbc58 Refs #26033 -- Added password hasher support for Argon2 v1.3. 
The previous version of Argon2 uses encoded hashes of the form:
   $argon2d$m=8,t=1,p=1$<salt>$<data>

The new version of Argon2 adds its version into the hash:
   $argon2d$v=19$m=8,t=1,p=1$<salt>$<data>

This lets Django handle both version properly.
 2016-04-25 21:17:53 -04:00
Jeremy Lainé
c1aec0feda Fixed #25847 -- Made User.is_(anonymous|authenticated) properties. 2016-04-09 14:54:18 -04:00
Tim Graham
92053acbb9 Fixed E128 flake8 warnings in tests/. 2016-04-08 10:12:33 -04:00
Simon Charette
a872194802 Fixed #26470 -- Converted auth permission validation to system checks. 
Thanks Tim for the review.
 2016-04-06 22:40:43 -04:00
Simon Charette
fc34be896d Extracted auth checks tests into their own module. 2016-04-06 22:40:43 -04:00
Alexander Gaevsky
e0a3d93730 Fixed #25232 -- Made ModelBackend/RemoteUserBackend reject inactive users. 2016-03-23 09:01:48 -04:00
Tim Graham
1243fdf5cb Fixed #26395 -- Skipped the CryptPasswordHasher tests on platforms with a dummy crypt module. 2016-03-22 11:22:21 -04:00
Berker Peksag
efa9539787 Fixed #26381 -- Made UserCreationForm reusable with custom user models that define USERNAME_FIELD. 2016-03-21 12:32:42 -04:00
Vincenzo Pandolfo
d0fe6c9156 Fixed #26334 -- Removed whitespace stripping from contrib.auth password fields. 2016-03-14 20:20:24 -04:00
ieatkittens
ab8af342b1 Fixed #26343 -- Sent user_login_failed signal if an auth backend raises PermissionDenied. 2016-03-12 16:44:39 -05:00
Tim Graham
5ca045cd25 Moved createsuperuser test app into auth_tests. 2016-03-08 13:06:58 -05:00
Bas Westerbaan
b4250ea04a Fixed #26033 -- Added Argon2 password hasher. 2016-03-08 11:22:18 -05:00
Jon Dufresne
4115288b4f Fixed #26315 -- Allowed call_command() to accept a Command object as the first argument. 2016-03-05 13:05:10 -05:00
Jon Dufresne
8d3fcfa39e Cleaned up tests to use call_command() instead of Command.execute(). 2016-03-05 12:59:30 -05:00
Alasdair Nicol
8c42cf0cbd Fixed #26303 -- Updated links to mod_wsgi docs. 2016-03-01 19:22:32 -05:00
Florian Apolloner
67b46ba701 Fixed CVE-2016-2513 -- Fixed user enumeration timing attack during login. 
This is a security fix.
 2016-03-01 11:25:28 -05:00
Jon Dufresne
eac1423f9e Removed obsolete test CreatesuperuserManagementCommandTestCase.test_nolocale. 
Test was added in 4c934f3921 to verify that
the commend works when locale.getdefaultlocale() doesn't return a locale.
getdefaultlocale() no longer runs at runtime, so the test isn't needed.
 2016-02-29 08:46:37 -05:00
Olivier Le Thanh Duong
10781b4c6f Fixed #12233 -- Allowed redirecting authenticated users away from the login view. 
contrib.auth.views.login() has a new parameter `redirect_authenticated_user`
to automatically redirect authenticated users visiting the login page.

Thanks to dmathieu and Alex Buchanan for the original code and to Carl Meyer
for the help and review.
 2016-02-25 07:18:33 -05:00