Jon Dufresne
16c5a334ff
Refs #27795 -- Replaced force_text/bytes() with decode()/encode() in password hashers.
2018-02-01 12:36:21 -05:00
Tim Graham
af33fb250e
Fixed CVE-2018-6188 -- Fixed information leakage in AuthenticationForm.
...
Reverted 359370a8b8
(refs #28645 ).
This is a security fix.
2018-02-01 09:05:14 -05:00
Tim Graham
92f48680db
Expanded docs for AbstractBaseUser.has_usable_password().
2018-01-27 11:03:41 -05:00
shanghui
3333d935d2
Fixed #28757 -- Allowed using contrib.auth forms without installing contrib.auth.
...
Also fixed #28608 -- Allowed UserCreationForm and UserChangeForm to
work with custom user models.
Thanks Sagar Chalise and Rômulo Collopy for reports, and Tim Graham
and Tim Martin for reviews.
2018-01-05 14:47:37 -05:00
Дилян Палаузов
d7b2aa24f7
Fixed #28982 -- Simplified code with and/or.
2018-01-03 20:12:23 -05:00
Дилян Палаузов
d79cf1e9e2
Fixed #28985 -- Removed unneeded None checks before hasattr().
2018-01-03 11:37:06 -05:00
я котик пур-пур
ccc25bfe4f
Refs #23919 -- Removed obsolete __init__.py files in management command directories.
2018-01-03 11:02:26 -05:00
Alvin Lindstam
2cb6b7732d
Fixed #28902 -- Fixed password_validators_help_text_html() double escaping.
2018-01-02 19:51:06 -05:00
Mariusz Felisiak
83a36ac49a
Removed unnecessary trailing commas and spaces in various code.
2017-12-28 21:07:29 +01:00
Дилян Палаузов
4c599ece57
Fixed #28930 -- Simplified code with any() and all().
2017-12-26 17:11:15 -05:00
Nick Pope
d13a9e44de
Fixed #28909 -- Simplified code using tuple/list/set/dict unpacking.
2017-12-11 07:08:45 -05:00
Claude Paroz
d0932ce8fc
Updated contrib translations from Transifex
...
Forward port of 765e6de924
from stable/2.0.x
2017-12-01 21:51:30 +01:00
shanghui
359370a8b8
Fixed #28645 -- Reallowed AuthenticationForm to raise the inactive user error when using ModelBackend.
...
Regression in e0a3d93730
.
Thanks Guilherme Junqueira for the report and Tim Graham for the review.
2017-11-08 09:39:12 -05:00
Tom
b81905bfd4
Fixed #28571 -- Added a prompt to bypass password validation in createsuperuser.
2017-11-03 20:00:08 -04:00
Jon Dufresne
6ed347d851
Fixed #28706 -- Moved AuthenticationFormn invalid login ValidationError to a method for reuse.
2017-10-23 09:10:45 -04:00
Lucas Connors
5ceaf14686
Fixed #27515 -- Made AuthenticationForm's username field use the max_length from the model field.
...
Thanks Ramin Farajpour Cami for the report.
2017-10-20 11:13:26 -04:00
Yuri Kaszubowski Lopes
d98210c255
Fixed #28713 -- Prevented ModelBackend.get_all_permissions() from mutating get_user_permissions().
2017-10-14 20:47:49 -04:00
Tim Graham
0edff2107f
Refs #28248 -- Clarified the precision of PASSWORD_RESET_TIMEOUT_DAYS.
2017-10-12 14:58:18 -04:00
Hasan Ramezani
6aec130a4c
Fixed #28591 -- Added an error message for createsuperuser --username= (blank).
2017-10-09 21:49:35 -04:00
Tim Graham
67a6ba391b
Reverted "Fixed #28248 -- Fixed password reset tokens being valid for 1 day longer than PASSWORD_RESET_TIMEOUT_DAYS."
...
This reverts commit 95993a89ce
.
2017-09-25 09:05:00 -04:00
Claude Paroz
1f3dfd783d
Updated translation catalogs
...
Forward port of 600104172a
from stable/2.0.x.
2017-09-24 13:54:54 +02:00
Tim Graham
5e31be1b96
Refs #25187 -- Required the authenticate() method of authentication backends to have request as the first positional argument.
...
Per deprecation timeline.
2017-09-22 12:51:18 -04:00
Tim Graham
6e40b70bf4
Refs #26929 -- Removed extra_context parameter of contrib.auth.views.logout_then_login().
...
Per deprecation timeline.
2017-09-22 12:51:17 -04:00
Tim Graham
4f313e284e
Refs #17209 -- Removed login/logout and password reset/change function-based views.
...
Per deprecation timeline.
2017-09-22 12:51:17 -04:00
Sjoerd Job Postmus
df41b5a05d
Fixed #28593 -- Added a simplified URL routing syntax per DEP 0201.
...
Thanks Aymeric Augustin for shepherding the DEP and patch review.
Thanks Marten Kenbeek and Tim Graham for contributing to the code.
Thanks Tom Christie, Shai Berger, and Tim Graham for the docs.
2017-09-20 18:04:42 -04:00
Tim Graham
6e4c6281db
Reverted "Fixed #27818 -- Replaced try/except/pass with contextlib.suppress()."
...
This reverts commit 550cb3a365
because try/except performs better.
2017-09-07 08:16:21 -04:00
Sergey Fedoseev
8b2515a450
Removed unneeded __init__() methods.
2017-09-07 08:10:49 -04:00
ZachLiuGIS
2dacc2ccd9
Fixed #28550 -- Restored contrib.auth's login() and logout() views' respect of positional arguments.
...
Regression in 78963495d0
.
Forwardport of f8e0557b01
from stable/1.11.x
2017-09-03 12:06:44 -04:00
hui shang
c0f4c60edd
Fixed #28513 -- Added POST request support to LogoutView.
2017-08-24 09:11:16 -04:00
Mads Jensen
550cb3a365
Fixed #27818 -- Replaced try/except/pass with contextlib.suppress().
2017-06-28 14:07:55 -04:00
Andrew Pinkham
a96b981d84
Fixed #28127 -- Allowed UserCreationForm's password validation to check all user fields.
2017-06-21 09:22:15 -04:00
Chandrakant Kumar
2b09e4c88e
Fixed #27787 -- Made call_command() validate the options it receives.
2017-06-16 21:28:38 -04:00
Mikhail Golubev
e7dc39fb65
Fixed #28229 -- Fixed the value of LoginView's "next" template variable.
2017-06-13 09:13:22 -04:00
Jon Dufresne
2c69824e5a
Refs #23968 -- Removed unnecessary lists, generators, and tuple calls.
2017-06-01 19:08:59 -04:00
Claude Paroz
ae2ac4c400
Updated translations from Transifex
...
Forward port of 02158a785e
from stable/1.11.x
2017-05-31 21:43:40 +02:00
Linus Lewandowski
eedc88bd4a
Fixed #26823 -- Prevented update_last_login signal receiver from crashing if User model doesn't have last_login field.
2017-05-29 17:31:18 -04:00
Nick Zaccardi
95993a89ce
Fixed #28248 -- Fixed password reset tokens being valid for 1 day longer than PASSWORD_RESET_TIMEOUT_DAYS.
2017-05-29 09:22:22 -04:00
Jon Dufresne
21046e7773
Fixed #28249 -- Removed unnecessary dict.keys() calls.
...
iter(dict) is equivalent to iter(dict.keys()).
2017-05-27 19:08:46 -04:00
Tom
7afb476469
Fixed #28226 -- Replaced use of str.join() with concatenation.
2017-05-27 13:59:05 -04:00
jannh
c930c241f8
Fixed #28017 -- Allowed customizing PasswordResetTokenGenerator's secret.
2017-05-26 07:37:36 -04:00
Daniel Hahler
a3ba2662cd
Refs #28207 -- Fixed contrib.auth.authenticate() if 'backend' is in the credentials.
...
Regression in 3008f30f19
.
2017-05-22 12:24:38 -04:00
Jon Dufresne
f599747fc8
Fixed #28152 -- Made migrations serialize sets as set literals rather than set().
2017-05-18 09:33:40 -04:00
Tamas Szabo
3008f30f19
Fixed #28207 -- Fixed contrib.auth.authenticate() if multiple auth backends don't accept a request.
2017-05-15 07:48:15 -04:00
Josh Schneier
5df0ff4155
Fixed #28089 -- Removed requirement to implement get_short_name() and get_full_name() in AbstractBaseUser subclasses.
2017-05-06 17:05:42 -04:00
Claude Paroz
e7f75b0b14
Fixed #28085 -- Added missing plural forms in en translation catalogs
2017-05-05 21:25:37 +02:00
Claude Paroz
301de774c2
Refs #27795 -- Replaced many force_text() with str()
...
Thanks Tim Graham for the review.
2017-04-27 09:10:02 +02:00
Claude Paroz
c52ae33a0c
Fixed #28100 -- Removed link in UserChangeForm.password's translatable help_text
2017-04-22 15:39:15 +02:00
Tim Graham
dff559ff83
Fixed #28097 -- Fixed layout of ReadOnlyPasswordHashWidget.
2017-04-19 12:59:30 -04:00
Claude Paroz
2dba812d86
Updated contrib translations from Transifex
...
Forward port of 290b2849f7
from stable/1.11.x
2017-04-04 12:39:02 +02:00
Jon Dufresne
7bbb5161ea
Removed implicit default store_true/false argparse args.
...
argparse automatically sets the default value for store_true/false
arguments to its opposite.
2017-04-01 20:03:56 -04:00