mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-10-31 09:41:08 +00:00
Code Issues 32 Releases Wiki Activity
31,708 Commits 30 Branches 460 Tags
1536833e93a72a24e7ad32c04a922be83c328756
Commit Graph

64 Commits

Author SHA1 Message Date
Mariusz Felisiak
048a9ebb6e [4.2.x] Fixed CVE-2023-46695 -- Fixed potential DoS in UsernameField on Windows. 
Thanks MProgrammer (https://hackerone.com/mprogrammer) for the report.
 2023-11-01 06:19:20 +01:00
Gary Jarrel
99ba5b43f0 [4.2.x] Fixed #34438 -- Reallowed extending UserCreationForm. 
Regression in 298d02a77a.

Backport of fcc7dc5781 from main
 2023-03-28 12:48:25 +02:00
Paul Schilling
298d02a77a Fixed #25617 -- Added case-insensitive unique username validation in UserCreationForm. 
Co-Authored-By: Neven Mundar <nmundar@gmail.com>
 2022-12-29 09:42:22 +01:00
sdolemelipone
9d726c7902 Fixed #34187 -- Made UserCreationForm save many-to-many fields. 2022-11-29 05:56:53 +01:00
Simon Kern
de2c2127b6 Fixed #34066 -- Fixed link to password reset view in UserChangeForm.password's help text when using to_field. 
Co-Authored-By: David Sanders <shang.xiao.sanders@gmail.com>
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2022-10-27 09:23:34 +02:00
Marcelo Galigniana
b440493eaa Completed test coverage for contrib.auth.forms. 2022-10-26 12:52:18 +02:00
Shai Berger
fdf0f62521 Fixed ReadOnlyPasswordHashWidget's template for RTL languages. 2022-09-01 21:20:15 +02:00
Mariusz Felisiak
7119f40c98 Refs #33476 -- Refactored code to strictly match 88 characters line length. 2022-02-07 20:37:05 +01:00
django-bot
9c19aff7c7 Refs #33476 -- Reformatted code with Black. 2022-02-07 20:37:05 +01:00
Mads Jensen
c51bf80d56 Used more specific unittest assertions in tests. 2021-07-07 10:51:38 +02:00
David Sanders
536c155e67 Fixed #32765 -- Removed "for" HTML attribute from ReadOnlyPasswordHashWidget. 
ReadOnlyPasswordHashWidget doesn't have any labelable elements.
 2021-05-19 20:34:57 +02:00
Timo Ludwig
d8dfff2ab0 Fixed #32235 -- Made ReadOnlyPasswordHashField disabled by default. 2020-12-03 09:32:08 +01:00
François Freitag
9ef4a18dbe Changed django.forms.ValidationError imports to django.core.exceptions.ValidationError. 
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2020-04-28 10:49:00 +02:00
Simon Charette
5b1fbcef7a Fixed CVE-2019-19844 -- Used verified user email for password reset requests. 
Co-Authored-By: Florian Apolloner <florian@apolloner.eu>
 2019-12-18 09:11:39 +01:00
Sam Reynolds
6c9778a58e Fixed #30776 -- Restored max length validation on AuthenticationForm.UsernameField. 
Regression in 5ceaf14686.

Thanks gopackgo90 for the report and Mariusz Felisiak for tests.
 2019-09-18 11:37:38 +02:00
Jon Dufresne
42b9a23267 Fixed #30400 -- Improved typography of user facing strings. 
Thanks Claude Paroz for assistance with translations.
 2019-06-28 16:46:18 +02:00
Hasan Ramezani
dcb8f00d06 Fixed #29379 -- Added autocomplete attribute to contrib.auth.forms fields. 
Thank you to Nick Pope for review.

Co-authored-by: CHI Cheng <cloudream@gmail.com>
 2019-06-07 12:44:39 +02:00
Ally Weir
bd228cb599 Fixed mis-capitalisation in comment. 2019-05-15 12:14:59 +02:00
Jon Dufresne
8d76443aba Fixed #30399 -- Changed django.utils.html.escape()/urlize() to use html.escape()/unescape(). 2019-04-25 15:09:07 +02:00
pmisteli
9410db9683 Fixed #30236 -- Made UsernameField render with autocapitalize="none" HTML attribute. 
This prevents automatic capitalization, which is the default behavior in
some browsers.
 2019-03-29 15:24:44 +01:00
Tim Graham
f3fa86a89b Fixed #29449 -- Reverted "Fixed #28757 -- Allowed using contrib.auth forms without installing contrib.auth." 
This reverts commit 3333d935d2 due to
a crash if USERNAME_FIELD isn't a CharField.
 2018-07-02 18:39:26 -04:00
Mads Jensen
9c651641f1 Added additional AdminPasswordChangeForm tests. 2018-04-04 11:25:28 -04:00
Malte Gerth
874977d388 Fixed #29270 -- Fixed UserChangeForm crash if password field is excluded. 2018-03-29 15:25:54 -04:00
Tim Graham
af33fb250e Fixed CVE-2018-6188 -- Fixed information leakage in AuthenticationForm. 
Reverted 359370a8b8 (refs #28645).

This is a security fix.
 2018-02-01 09:05:14 -05:00
shanghui
3333d935d2 Fixed #28757 -- Allowed using contrib.auth forms without installing contrib.auth. 
Also fixed #28608 -- Allowed UserCreationForm and UserChangeForm to
work with custom user models.

Thanks Sagar Chalise and Rômulo Collopy for reports, and Tim Graham
and Tim Martin for reviews.
 2018-01-05 14:47:37 -05:00
shanghui
359370a8b8 Fixed #28645 -- Reallowed AuthenticationForm to raise the inactive user error when using ModelBackend. 
Regression in e0a3d93730.

Thanks Guilherme Junqueira for the report and Tim Graham for the review.
 2017-11-08 09:39:12 -05:00
Jon Dufresne
6ed347d851 Fixed #28706 -- Moved AuthenticationFormn invalid login ValidationError to a method for reuse. 2017-10-23 09:10:45 -04:00
Lucas Connors
5ceaf14686 Fixed #27515 -- Made AuthenticationForm's username field use the max_length from the model field. 
Thanks Ramin Farajpour Cami for the report.
 2017-10-20 11:13:26 -04:00
Lucas Connors
d233391208 Refs #19130 -- Added a test for AuthenticationForm.username max_length. 
This will be a more useful regression test after refs #27515.
 2017-10-20 11:10:32 -04:00
Andrew Pinkham
a96b981d84 Fixed #28127 -- Allowed UserCreationForm's password validation to check all user fields. 2017-06-21 09:22:15 -04:00
Tim Graham
dff559ff83 Fixed #28097 -- Fixed layout of ReadOnlyPasswordHashWidget. 2017-04-19 12:59:30 -04:00
Claude Paroz
c651331b34 Converted usage of ugettext* functions to their gettext* aliases 
Thanks Tim Graham for the review.
 2017-02-07 09:04:04 +01:00
chillaranand
d6eaf7c018 Refs #23919 -- Replaced super(ClassName, self) with super(). 2017-01-25 12:23:46 -05:00
Claude Paroz
2366100872 Removed unneeded force_text calls in the test suite 2017-01-24 18:45:54 +01:00
Tim Graham
7aba69145d Refs #23919 -- Removed django.test.mock Python 2 compatibility shim. 2017-01-20 08:17:20 -05:00
Simon Charette
cecc079168 Refs #23919 -- Stopped inheriting from object to define new style classes. 2017-01-19 08:39:46 +01:00
Claude Paroz
c716fe8782 Refs #23919 -- Removed six.PY2/PY3 usage 
Thanks Tim Graham for the review.
 2017-01-18 16:21:28 +01:00
Claude Paroz
d7b9aaa366 Refs #23919 -- Removed encoding preambles and future imports 2017-01-18 09:55:19 +01:00
za
321e94fa41 Refs #27392 -- Removed "Tests that", "Ensures that", etc. from test docstrings. 2016-11-10 21:30:21 -05:00
levental
617e36dc1e Fixed #20705 -- Allowed using PasswordResetForm with user models with an email field not named 'email'. 2016-09-27 11:59:00 -04:00
Gavin Wahl
f0f3de3c96 Fixed #23155 -- Added request argument to user_login_failed signal. 2016-09-12 20:30:34 -04:00
Tim Graham
0368d63a78 Fixed indentation in previous commit. 2016-09-10 18:39:13 -04:00
Alexander Gaevsky
536db42cf0 Fixed #26097 -- Added password_validators_help_text_html to UserCreationForm. 2016-09-10 18:23:18 -04:00
Berker Peksag
3c18f8a3d2 Fixed #27111 -- Fixed KeyError if USERNAME_FIELD isn't in UserCreationForm.fields. 2016-08-24 13:20:12 -04:00
Olexander Yermakov
975a76a964 Fixed #26951 -- Allowed AuthenticationForm to work with a username of 0. 2016-08-10 09:44:48 -04:00
Tim Graham
39805686b3 Refs #21379, #26719 -- Moved username normalization to AbstractBaseUser. 
Thanks Huynh Thanh Tam for the initial patch and Claude Paroz for review.
 2016-06-21 16:19:37 -04:00
Claude Paroz
9935f97cd2 Refs #21379 -- Normalized unicode username inputs 2016-05-16 19:38:02 +02:00
Claude Paroz
526575c641 Fixed #21379 -- Created auth-specific username validators 
Thanks Tim Graham for the review.
 2016-05-16 19:37:57 +02:00
Claude Paroz
b26fedacef Fixed #26544 -- Delayed translations of SetPasswordForm help_texts 
Thanks Michael Bitzi for the reporti and Tim Graham for the review.
 2016-05-07 10:17:49 +02:00
Tim Graham
92053acbb9 Fixed E128 flake8 warnings in tests/. 2016-04-08 10:12:33 -04:00