chillaranand
d6eaf7c018
Refs #23919 -- Replaced super(ClassName, self) with super().
2017-01-25 12:23:46 -05:00
Claude Paroz
d7b9aaa366
Refs #23919 -- Removed encoding preambles and future imports
2017-01-18 09:55:19 +01:00
Preston Timmons
b52c73008a
Fixed #15667 -- Added template-based widget rendering.
...
Thanks Carl Meyer and Tim Graham for contributing to the patch.
2016-12-27 17:50:10 -05:00
Aymeric Augustin
cb7bbf97a7
Fixed #25966 -- Made get_user_model() work at import time.
...
This makes it equivalent to: `from django.contrib.auth.models import User`.
Thanks Aymeric Augustin for the initial patch and Tim Graham for the
review.
2016-11-25 14:15:49 +01:00
levental
617e36dc1e
Fixed #20705 -- Allowed using PasswordResetForm with user models with an email field not named 'email'.
2016-09-27 11:59:00 -04:00
Aleksej Manaev
4b9330ccc0
Fixed #25187 -- Made request available in authentication backends.
2016-09-12 20:11:53 -04:00
Alexander Gaevsky
536db42cf0
Fixed #26097 -- Added password_validators_help_text_html to UserCreationForm.
2016-09-10 18:23:18 -04:00
Jon Dufresne
ae98d40c35
Fixed #27136 -- Changed auth forms' autofocus attribute to HTML5 boolean syntax.
2016-08-28 17:19:50 -07:00
Berker Peksag
a02b5848ae
Replaced property() usage with decorator in several places.
2016-08-25 20:06:22 -04:00
Berker Peksag
3c18f8a3d2
Fixed #27111 -- Fixed KeyError if USERNAME_FIELD isn't in UserCreationForm.fields.
2016-08-24 13:20:12 -04:00
Olexander Yermakov
975a76a964
Fixed #26951 -- Allowed AuthenticationForm to work with a username of 0.
2016-08-10 09:44:48 -04:00
Claude Paroz
9935f97cd2
Refs #21379 -- Normalized unicode username inputs
2016-05-16 19:38:02 +02:00
Tim Graham
df8d8d4292
Fixed E128 flake8 warnings in django/.
2016-04-08 09:51:06 -04:00
Berker Peksag
efa9539787
Fixed #26381 -- Made UserCreationForm reusable with custom user models that define USERNAME_FIELD.
2016-03-21 12:32:42 -04:00
Vincenzo Pandolfo
d0fe6c9156
Fixed #26334 -- Removed whitespace stripping from contrib.auth password fields.
2016-03-14 20:20:24 -04:00
Thomas Grainger
d638cdc42a
Fixed #25165 -- Removed inline JavaScript from the admin.
...
This allows setting a Content-Security-Policy HTTP header
(refs #15727 ).
Special thanks to blighj, the original author of this patch.
2015-12-05 15:51:57 -05:00
sujayskumar
d8d853378b
Fixed #24944 -- Added extra_email_context parameter to password_reset() view.
2015-09-18 18:56:04 -04:00
Maxime Lorant
5153a3bfdc
Fixed #25331 -- Removed trailing blank lines in docstrings.
2015-08-31 17:37:21 -04:00
Wim Feijen
c082363527
Reworded contrib.auth forms' password confirmation help_text.
...
"As above" refers to a spatial orientation, which might
not be present, for example when the two password fields
are shown next to each other.
2015-07-20 15:51:50 -04:00
Tim Graham
774c16d16e
Fixed #25052 ; refs #16860 -- Added password validation to UserCreationForm.
2015-07-20 13:44:34 -04:00
Tim Graham
f5e9d67907
Refs #16860 -- Moved password_changed() logic to AbstractBaseUser.
...
Thanks Carl Meyer for review.
2015-07-20 13:44:26 -04:00
Erik Romijn
1daae25bdc
Fixed #16860 -- Added password validation to django.contrib.auth.
2015-06-07 19:31:20 +02:00
Piotr Jakimiak
4157c502a5
Removed unnecessary arguments in .get method calls
2015-05-13 20:51:18 +02:00
Claude Paroz
c2bfd76ec3
Refs #15779 -- Fixed UserChangeForm regression introduced by 1791a7e75
...
Thanks Tim Graham for reporting the regression.
2015-03-28 09:24:01 +01:00
Thomas Tanner
28986da4ca
Fixed #5986 -- Added ability to customize order of Form fields
2015-03-16 09:12:57 -04:00
Tim Graham
0ed7d15563
Sorted imports with isort; refs #23860 .
2015-02-06 08:16:28 -05:00
Tim Graham
a53541852d
Removed contrib.auth.forms.mask_password()
...
This function is unused since dce820ff70
after being introduced in 718a5ba1a1
2015-02-02 11:13:14 -05:00
Tim Graham
271d4f8f85
Fixed #23948 -- Moved password help text from the template to the form.
...
Thanks Mithos for the report and patch.
2014-12-26 08:09:12 -05:00
Berker Peksag
560b4207b1
Removed redundant numbered parameters from str.format().
...
Since Python 2.7 and 3.1, "{0} {1}" is equivalent to "{} {}".
2014-12-03 14:27:38 -05:00
Carl Meyer
89559bcfb0
Fixed #23409 -- Extract PasswordResetForm.get_users method.
...
Allows easier customization of policies regarding which users are allowed to
reset their password.
Thanks Aymeric for review.
2014-09-03 12:25:11 -06:00
Gabriel Muñumel
deed00c0d8
Fixed #23162 -- Renamed forms.Field._has_changed() to has_changed().
2014-08-15 08:14:45 -04:00
Iain Dawson
8fbf13a6c8
Replaced instances of 'his/her' with 'their'.
2014-07-21 19:49:12 +00:00
Yin Jifeng
849538d03d
Fixed #13147 -- Moved User validation logic from form to model.
2014-07-10 09:36:43 -04:00
Jorge C. Leitão
a00b78b1e2
Fixed #17431 -- Added send_mail() method to PasswordResetForm.
...
Credits for the initial patch go to ejucovy;
big thanks to Tim Graham for the review.
2014-06-10 14:00:52 -04:00
Tim Graham
ed4c2e1c0d
Fixed #22329 -- Used label_tag() in some admin auth templates.
...
refs #17922 .
2014-03-29 08:54:56 -04:00
Aymeric Augustin
9ffab9cee1
Moved RequestSite and get_current_site.
...
Following the app-loading refactor, these objects must live outside of
django.contrib.sites.models because they must be available without
importing the django.contrib.sites.models module when
django.contrib.sites isn't installed.
Refs #21680 . Thanks Carl and Loic for reporting this issue.
2014-01-26 08:50:47 +01:00
Aymeric Augustin
8f04f53dd8
Removed a few gratuitous lambdas.
2013-12-26 14:03:50 +01:00
Loic Bistuer
6685713869
Fixed E127 pep8 warnings.
2013-12-14 11:59:15 -05:00
Claude Paroz
5f52590368
Fixed #21291 -- Ensured inactive users cannot reset their passwords
...
Thanks kz26 for the report and the suggested fix. Refs #19758 .
2013-10-19 10:43:06 +02:00
Florian Apolloner
5d74853e15
Revert "Ensure that passwords are never long enough for a DoS."
...
This reverts commit aae5a96d57
.
This fix is no longer necessary, our pbkdf2 (see next commit) implementation
no longer rehashes the password every iteration.
2013-09-24 21:01:21 +02:00
Tim Graham
18ffdb1772
Fixed #17627 -- Renamed util.py files to utils.py
...
Thanks PaulM for the suggestion and Luke Granger-Brown and
Wiktor Kołodziej for the initial patch.
2013-09-16 12:52:05 -04:00
Russell Keith-Magee
aae5a96d57
Ensure that passwords are never long enough for a DoS.
...
* Limit the password length to 4096 bytes
* Password hashers will raise a ValueError
* django.contrib.auth forms will fail validation
* Document in release notes that this is a backwards incompatible change
Thanks to Josh Wright for the report, and Donald Stufft for the patch.
This is a security fix; disclosure to follow shortly.
2013-09-15 13:42:23 +08:00
Simon Charette
11cd7388f7
Fixed #20989 -- Removed useless explicit list comprehensions.
2013-08-30 10:57:51 -04:00
Justin Michalicek
6d88d47be6
Fixed #20832 -- Enabled HTML password reset email
...
Added optional html_email_template_name parameter to password_reset view
and PasswordResetForm.
2013-08-05 09:47:28 -04:00
Curtis Maloney
07876cf02b
Deprecated SortedDict (replaced with collections.OrderedDict)
...
Thanks Loic Bistuer for the review.
2013-08-04 07:09:39 -04:00
Tim Graham
a1889397a9
Fixed #12103 -- Added AuthenticationForm.confirm_login_allowed to allow customizing the logic policy.
...
Thanks ejucovy and lasko for work on the patch.
2013-07-31 13:54:05 -04:00
Kirill Fomichev
33242fe015
Fixed #19019 -- Fixed UserAdmin to log password change.
...
Thanks Tuttle for the report.
2013-07-23 08:33:07 -04:00
Claude Paroz
6118d6d1c9
More import removals
...
Following the series of commits removing deprecated features in
Django 1.7, here are some more unneeded imports removed and other
minor cleanups.
2013-06-29 11:58:36 +02:00
Ramiro Morales
f02a703ca6
Removed AuthenticationForm.check_for_test_cookie() as per deprecation TL.
2013-06-28 21:48:15 -03:00
Tim Graham
1184d07789
Fixed #14881 -- Modified password reset to work with a non-integer UserModel.pk.
...
uid is now base64 encoded in password reset URLs/views. A backwards compatible
password_reset_confirm view/URL will allow password reset links generated before
this change to continue to work. This view will be removed in Django 1.7.
Thanks jonash for the initial patch and claudep for the review.
2013-06-26 13:11:47 -04:00