David Wobrock
|
6937c92169
|
[4.2.x] Fixed #34384 -- Fixed session validation when rotation secret keys.
Bug in 0dcd549bbe .
Thanks Eric Zarowny for the report.
Backport of 2396933ca9 from main
|
2023-03-08 11:33:03 +01:00 |
|
django-bot
|
62510f01e7
|
[4.2.x] Fixed #34140 -- Reformatted code blocks in docs with blacken-docs.
|
2023-03-01 13:39:03 +01:00 |
|
Joseph Victor Zammit
|
5bdd6223a2
|
[4.2.x] Refs #34140 -- Corrected rst code-block and various formatting issues in docs.
Backport of ba755ca131 from main
|
2023-02-28 12:54:33 +01:00 |
|
Carlton Gibson
|
b784768eef
|
[4.2.x] Refs #34140 -- Applied rst code-block to non-Python examples.
Thanks to J.V. Zammit, Paolo Melchiorre, and Mariusz Felisiak for
reviews.
Backport of 534ac48297 from main.
|
2023-02-10 21:12:06 +01:00 |
|
fschwebel
|
5159e05e40
|
[4.2.x] Fixed typo in docs/topics/auth/passwords.txt.
Wrapped hashing is only possible if the inner wrapped function is the
same as the previous hasher.
Backport of 0265b1b49b from main
|
2023-01-30 08:32:13 +01:00 |
|
Paul Schilling
|
298d02a77a
|
Fixed #25617 -- Added case-insensitive unique username validation in UserCreationForm.
Co-Authored-By: Neven Mundar <nmundar@gmail.com>
|
2022-12-29 09:42:22 +01:00 |
|
sdolemelipone
|
9d726c7902
|
Fixed #34187 -- Made UserCreationForm save many-to-many fields.
|
2022-11-29 05:56:53 +01:00 |
|
Mariusz Felisiak
|
662497cece
|
Doc's check_password()'s setter and preferred arguments.
Follow up to 90e05aaeac .
|
2022-11-28 08:13:51 +01:00 |
|
Tony Lechner
|
b088cc2fea
|
Fixed #34154 -- Made mixin headers consistent in auth docs.
|
2022-11-14 05:28:27 +01:00 |
|
Trey Hunner
|
fad070b07b
|
Improved readability of string interpolation in frequently used examples in docs.
|
2022-11-10 13:18:38 +01:00 |
|
Paolo Melchiorre
|
fa3afc5d86
|
Fixed #34056 -- Updated the list of common passwords for CommonPasswordValidator.
|
2022-09-28 18:40:05 +02:00 |
|
Ritik Soni
|
c11336cd99
|
Fixed #34017 -- Doc'd that Argon2id variant is used by Argon2PasswordHasher.
|
2022-09-17 09:49:09 +02:00 |
|
DevilsAutumn
|
6b0bbaf453
|
Fixed #34019 -- Removed obsolete references to "model design considerations" note.
|
2022-09-17 08:02:13 +02:00 |
|
Alex Morega
|
de6c9c7054
|
Refs #30947 -- Changed tuples to lists where appropriate.
|
2022-08-30 09:57:17 +02:00 |
|
Claude Paroz
|
3b79dab19a
|
Refs #33691 -- Deprecated insecure password hashers.
SHA1PasswordHasher, UnsaltedSHA1PasswordHasher, and UnsaltedMD5PasswordHasher
are now deprecated.
|
2022-07-23 21:29:31 +02:00 |
|
Ciaran McCormick
|
286e7d076c
|
Fixed #33764 -- Deprecated BaseUserManager.make_random_password().
|
2022-06-03 07:30:57 +02:00 |
|
Mariusz Felisiak
|
ac90529cc5
|
Fixed docs build with sphinxcontrib-spelling 7.5.0+.
sphinxcontrib-spelling 7.5.0+ includes captions of figures in the set
of nodes for which the text is checked.
|
2022-05-31 11:17:01 +02:00 |
|
Carlton Gibson
|
ca1c3151c3
|
Removed versionadded/changed annotations for 4.0.
|
2022-05-17 14:22:06 +02:00 |
|
Mariusz Felisiak
|
02dbf1667c
|
Fixed #33691 -- Deprecated django.contrib.auth.hashers.CryptPasswordHasher.
|
2022-05-11 09:13:45 +02:00 |
|
David
|
ce586ed693
|
Removed hyphen from pre-/re- prefixes.
"prepopulate", "preload", and "preprocessing" are already in the
spelling_wordlist.
This also removes hyphen from double "e" combinations with "pre" and
"re", e.g. preexisting, preempt, reestablish, or reenter.
See also:
- https://ahdictionary.com/word/search.html?q=rerun
- https://ahdictionary.com/word/search.html?q=recreate
- https://ahdictionary.com/word/search.html?q=predetermined
- https://ahdictionary.com/word/search.html?q=reuse
- https://ahdictionary.com/word/search.html?q=reopening
|
2022-04-28 10:44:14 +02:00 |
|
Lucidiot
|
13a9cde133
|
Fixed #33613 -- Made createsuperuser detect uniqueness of USERNAME_FIELD when using Meta.constraints.
|
2022-04-01 11:39:41 +02:00 |
|
René Fleschenberg
|
eb07b5be0c
|
Fixed #15619 -- Deprecated log out via GET requests.
Thanks Florian Apolloner for the implementation idea.
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
|
2022-03-29 06:42:14 +02:00 |
|
tschilling
|
0dcd549bbe
|
Fixed #30360 -- Added support for secret key rotation.
Thanks Florian Apolloner for the implementation idea.
Co-authored-by: Andreas Pelme <andreas@pelme.se>
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
Co-authored-by: Vuyisile Ndlovu <terrameijar@gmail.com>
|
2022-02-01 11:12:24 +01:00 |
|
Brad Solomon
|
b55ebe3241
|
Fixed #33443 -- Clarified when PasswordResetView sends an email.
|
2022-01-17 07:44:46 +01:00 |
|
Adam Johnson
|
652c68ffee
|
Clarified how contrib.auth picks a password hasher for verification.
|
2022-01-13 20:46:18 +01:00 |
|
David
|
cc8e771c64
|
Fixed malformed attribute directives in docs.
|
2022-01-05 08:11:13 +01:00 |
|
Florian Apolloner
|
968a3d01fa
|
Fixed CVE-2021-45115 -- Prevented DoS vector in UserAttributeSimilarityValidator.
Thanks Chris Bailey for the report.
Co-authored-by: Adam Johnson <me@adamj.eu>
|
2022-01-04 10:02:05 +01:00 |
|
Mariusz Felisiak
|
ad6bb20557
|
Avoided counting attributes and methods in docs.
|
2021-12-28 12:36:57 +01:00 |
|
Adam Johnson
|
b0d16d0129
|
Changed signatures of setting_changed signal receivers.
|
2021-12-17 13:07:04 +01:00 |
|
Adam Johnson
|
41329b9852
|
Improved wording in password validators docs and docstrings.
|
2021-12-13 18:53:07 +01:00 |
|
Mariusz Felisiak
|
fd881e8cd9
|
Refs #33207 -- Clarified that AUTH_USER_MODEL expects an app label.
|
2021-10-19 13:05:13 +02:00 |
|
Mariusz Felisiak
|
97237ad3fe
|
Removed versionadded/changed annotations for 3.2.
|
2021-09-20 21:23:01 +02:00 |
|
Andrew Northall
|
c23aa73626
|
Fixed #32964 -- Corrected 'setup'/'set up' usage in docs.
|
2021-08-17 12:18:07 +02:00 |
|
David Smith
|
1024b5e74a
|
Fixed 32956 -- Lowercased spelling of "web" and "web framework" where appropriate.
|
2021-07-29 06:24:12 +02:00 |
|
ryowright
|
1783b3cb24
|
Fixed #32275 -- Added scrypt password hasher.
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
|
2021-07-22 12:40:33 +02:00 |
|
yyyyyyyan
|
e197dcca36
|
Clarified docs about increasing the work factor for bcrypt hasher.
|
2021-05-20 20:24:51 +02:00 |
|
Nick Pope
|
c156e36955
|
Refs #32720 -- Updated various links in docs to avoid redirects and use HTTPS.
|
2021-05-17 09:46:09 +02:00 |
|
ThinkChaos
|
b99d6c9cbc
|
Fixed #28216 -- Added next_page/get_default_redirect_url() to LoginView.
|
2021-02-08 21:08:05 +01:00 |
|
Mariusz Felisiak
|
59841170ba
|
Used .. attribute:: directive in authentication views docs.
|
2021-02-08 18:12:58 +01:00 |
|
Mariusz Felisiak
|
b7dd89ed53
|
Removed versionadded/changed annotations for 3.1.
|
2021-01-14 17:50:04 +01:00 |
|
Jon Moroney
|
76ae6ccf85
|
Fixed #31358 -- Increased salt entropy of password hashers.
Co-authored-by: Florian Apolloner <florian@apolloner.eu>
|
2021-01-14 11:20:28 +01:00 |
|
Timo Ludwig
|
d8dfff2ab0
|
Fixed #32235 -- Made ReadOnlyPasswordHashField disabled by default.
|
2020-12-03 09:32:08 +01:00 |
|
Roy Zheng
|
804f2b7024
|
Added note about password updates on argon2 attributes change.
|
2020-08-11 07:51:27 +02:00 |
|
Nick Pope
|
feb91dbda1
|
Used :mimetype: role in various docs.
|
2020-05-13 09:14:04 +02:00 |
|
Mariusz Felisiak
|
4c5236ef93
|
Removed versionadded/changed annotations for 3.0.
|
2020-05-13 09:07:51 +02:00 |
|
Mariusz Felisiak
|
54646a423b
|
Refs #27468 -- Made user sessions use SHA-256 algorithm.
|
2020-04-29 16:45:00 +02:00 |
|
François Freitag
|
9ef4a18dbe
|
Changed django.forms.ValidationError imports to django.core.exceptions.ValidationError.
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
|
2020-04-28 10:49:00 +02:00 |
|
Mariusz Felisiak
|
ca769c8c13
|
Fixed #31505 -- Doc'd possible email addresses enumeration in PasswordResetView.
|
2020-04-27 18:06:11 +02:00 |
|
Tanmay Vijay
|
e43abbbd70
|
Doc'd PasswordChangeView/PasswordResetView.success_url defaults.
|
2020-04-24 08:21:51 +02:00 |
|
Mariusz Felisiak
|
69e2cd6fed
|
Fixed Sphinx warnings on duplicate object descriptions.
|
2020-04-07 09:48:52 +02:00 |
|