Roy Zheng
804f2b7024
Added note about password updates on argon2 attributes change.
2020-08-11 07:51:27 +02:00
Hasan Ramezani
8aa71f4e87
Fixed #31375 -- Made contrib.auth.hashers.make_password() accept only bytes or strings.
2020-03-31 10:52:56 +02:00
Jon Dufresne
85efc14a2e
Fixed #30948 -- Changed packaging to use declarative config in setup.cfg.
...
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
2019-11-08 14:14:13 +01:00
Tobias Kunze
4a954cfd11
Fixed #30573 -- Rephrased documentation to avoid words that minimise the involved difficulty.
...
This patch does not remove all occurrences of the words in question.
Rather, I went through all of the occurrences of the words listed
below, and judged if they a) suggested the reader had some kind of
knowledge/experience, and b) if they added anything of value (including
tone of voice, etc). I left most of the words alone. I looked at the
following words:
- simply/simple
- easy/easier/easiest
- obvious
- just
- merely
- straightforward
- ridiculous
Thanks to Carlton Gibson for guidance on how to approach this issue, and
to Tim Bell for providing the idea. But the enormous lion's share of
thanks go to Adam Johnson for his patient and helpful review.
2019-09-06 13:27:46 +02:00
Ramiro Morales
aed89adad5
Fixed #30367 -- Changed "pip install" to "python -m pip install" in docs, comments and hints.
2019-04-18 14:41:15 +02:00
Mariusz Felisiak
25829197bb
Removed extra characters in docs header underlines.
2019-02-08 21:38:30 +01:00
Tim Graham
ec7e179aeb
Removed versionadded/changed annotations for 2.1.
2019-01-17 10:50:25 -05:00
François Freitag
9b15ff08ba
Used auto-numbered lists in documentation.
2018-11-15 13:54:28 -05:00
Curtis Maloney
c49ea6f591
Refs #20910 -- Replaced snippet directive with code-block.
2018-09-10 13:00:34 -04:00
adamth
acf9d64045
Fixed typos in docs/topics/auth/passwords.txt.
2018-04-23 07:37:26 -04:00
Brett Cannon
64b74804c5
Fixed #29334 -- Updated pypi.python.org URLs to pypi.org.
2018-04-17 20:24:27 -04:00
GS-14
93331877c8
Fixed #29274 -- Increased the number of common passwords from 1k to 20k.
2018-04-16 11:01:47 -04:00
Tim Graham
a4f0e9aec7
Fixed #28718 -- Allowed user to request a password reset if their password doesn't use an enabled hasher.
...
Regression in aeb1389442
.
Reverted changes to is_password_usable() from
703c266682
and documentation changes from
92f48680db
.
2018-03-22 10:03:43 -04:00
Tim Graham
5b589a47b9
Fixed #29161 -- Removed BCryptPasswordHasher from PASSWORD_HASHERS.
2018-02-26 09:05:18 -05:00
Karmen
4fcd28d442
Fixed #28881 -- Doc'd that CommonPasswordValidator's password list must be lowercase.
2018-01-15 10:16:27 -05:00
Mariusz Felisiak
081e787160
Refs #23919 -- Stopped inheriting from object to define new style classes.
...
Tests and docs complement to cecc079168
.
2017-06-26 10:30:31 -04:00
Claude Paroz
c651331b34
Converted usage of ugettext* functions to their gettext* aliases
...
Thanks Tim Graham for the review.
2017-02-07 09:04:04 +01:00
chillaranand
dc165ec8e5
Refs #23919 -- Replaced super(ClassName, self) with super() in docs.
2017-01-25 11:53:05 -05:00
Tim Graham
e27e4c0339
Removed versionadded/changed annotations for 1.10.
2017-01-17 20:52:05 -05:00
Tim Graham
0d9ff873d9
Fixed #27467 -- Made UserAttributeSimilarityValidator max_similarity=0/1 work as documented.
...
Thanks goblinJoel for the report and feedback.
2016-11-16 17:40:37 -05:00
Tim Graham
9f27735612
Fixed #27013 -- Clarified commands to install argon2/bcrypt packages.
2016-08-19 19:23:12 -04:00
Tim Graham
796cc62026
Fixed #27045 -- Documented that AUTH_PASSWORD_VALIDATORS aren't applied at the model level.
2016-08-10 15:52:16 -04:00
Jiang Haiyun
6d61ec0e1a
Fixed a typo in auth docs.
2016-07-04 11:02:11 -04:00
Ville Skyttä
96f97691ad
Fixed broken links in docs and comments.
2016-06-15 21:20:23 -04:00
Bas Westerbaan
9407cc966b
Fixed #26635 -- Clarified Argon2PasswordHasher's memory_cost differs from command line utility.
2016-05-27 18:37:12 -04:00
Tim Graham
46a38307c2
Removed versionadded/changed annotations for 1.9.
2016-05-20 11:44:29 -04:00
Bas Westerbaan
b4250ea04a
Fixed #26033 -- Added Argon2 password hasher.
2016-03-08 11:22:18 -05:00
Florian Apolloner
67b46ba701
Fixed CVE-2016-2513 -- Fixed user enumeration timing attack during login.
...
This is a security fix.
2016-03-01 11:25:28 -05:00
Tim Graham
47b5a6a43c
Fixed #26187 -- Removed weak password hashers from PASSWORD_HASHERS.
2016-02-22 18:59:23 -05:00
Markus Holtermann
b14470c7b7
Fixed spelling error
2016-02-23 10:24:38 +11:00
Tim Graham
5a541e2e6c
Fixed #26188 -- Documented how to wrap password hashers.
2016-02-22 17:21:45 -05:00
rowanv
a6ef025dfb
Fixed #26124 -- Added missing code formatting to docs headers.
2016-02-01 10:42:05 -05:00
Eliezer Kanal
d3b488f5bd
Updated link to 1000 common passwords.
...
xato.net is dead; replaced with link to archive.org.
2015-12-02 12:57:02 -05:00
Tim Graham
cb1e779ceb
Refs #24115 -- Added docs for password updates on bcrypt rounds change.
2015-09-22 19:30:31 -04:00
Claude Paroz
64982cc2fb
Updated Wikipedia links to use https
2015-08-08 12:02:32 +02:00
Tim Graham
f5e9d67907
Refs #16860 -- Moved password_changed() logic to AbstractBaseUser.
...
Thanks Carl Meyer for review.
2015-07-20 13:44:26 -04:00
Tim Graham
55b3bd8468
Refs #16860 -- Minor edits and fixes to password validation.
2015-06-10 07:41:01 -04:00
Erik Romijn
1daae25bdc
Fixed #16860 -- Added password validation to django.contrib.auth.
2015-06-07 19:31:20 +02:00
Sam Thursfield
1119063c69
Fixed #24556 -- Added reminder about HTTPS to passwords docs.
2015-04-03 10:55:11 -04:00
darkryder
9ec8aa5e5d
Fixed #24149 -- Normalized tuple settings to lists.
2015-02-03 14:59:45 -05:00
Ilya Baryshev
ed7c4df1ee
Fixed documentation of make_password kwargs.
2014-10-27 06:36:55 -04:00
Alex Gaynor
0e27882b3a
Stray paren
2014-04-17 11:29:07 -07:00
Alex Gaynor
464b98b1fe
Include an 'extra_requires' for bcrypt
2014-04-17 11:28:09 -07:00
Tim Graham
51c8045145
Removed versionadded/changed annotations for 1.6.
2014-03-24 11:42:56 -04:00
Tim Graham
7f2505ad9e
Fixed doc typos.
2014-02-28 11:44:03 -05:00
Tim Graham
28b70425af
Added docs for the hasher's iteration count changes.
2013-10-21 20:32:02 +02:00
Erik Romijn
2c4fe761a0
Fixed #20593 -- Allow blank passwords in check_password() and set_password()
2013-06-18 13:32:54 -04:00
Donald Stufft
8f0a4665d6
Recommend using the bcrypt library instead of py-bcrypt
...
* py-bcrypt has not been updated in some time
* py-bcrypt does not support Python3
* py3k-bcrypt, a port of py-bcrypt to python3 is not compatible
with Django
* bcrypt is supported on all versions of Python that Django
supports
2013-05-13 23:49:00 -04:00
Donald Stufft
f2a0be6151
Fix a missing " character in the password documentation
2013-03-26 15:26:20 -04:00
Donald Stufft
25f2acfed0
Fixed #20138 -- Added BCryptSHA256PasswordHasher
...
BCryptSHA256PasswordHasher pre-hashes the users password using
SHA256 to prevent the 72 byte truncation inherient in the BCrypt
algorithm.
2013-03-26 13:26:57 -04:00