innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
30,062 Commits 25 Branches 361 Tags 501 MiB
Commit Graph

1098 Commits

Author SHA1 Message Date
Mariusz Felisiak 5bac1719a2
Refs #32355 -- Used @functools.lru_cache as a straight decorator. 2021-09-27 09:10:58 +02:00
Mariusz Felisiak 7d909b2282 Updated source translation catalogs. 
Forwardport of 5b8cc4ce26 from stable/4.0.x.
 2021-09-21 13:40:07 +02:00
Mariusz Felisiak 32b7ffc2bb Increased the default PBKDF2 iterations for Django 4.1. 2021-09-20 21:23:01 +02:00
Mateo Radman a7f27fca52 Refs #32508 -- Raised TypeError/ValueError instead of using "assert" in encode() methods of remaining password hashers. 2021-09-06 07:47:53 +02:00
Premkumar Chalmeti fffeb5df55
Removed redundant definition of UserModel in ModelBackend.with_perm(). 2021-08-09 10:36:55 +02:00
David Smith 1024b5e74a Fixed 32956 -- Lowercased spelling of "web" and "web framework" where appropriate. 2021-07-29 06:24:12 +02:00
ryowright 1783b3cb24 Fixed #32275 -- Added scrypt password hasher. 
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 2021-07-22 12:40:33 +02:00
Mariusz Felisiak 83022d279c
Refs #32508 -- Raised TypeError/ValueError instead of using "assert" in encode() methods of some password hashers. 2021-07-22 09:42:07 +02:00
Mariusz Felisiak a56531ab1b
Fixed #32910 -- Unified different plural equations for the same language in contrib apps. 
Thanks Martin Svoboda for the report and initial patch.
 2021-07-15 20:42:17 +02:00
Claude Paroz 495083e3e1 Updated translations from Transifex. 
Forwardport of 04b744050f from stable/3.2.x.
 2021-06-28 07:08:39 +02:00
Mateo Radman 8a7ac78b70 Refs #32508 -- Raised ImproperlyConfigured/TypeError instead of using "assert" in various code. 2021-06-25 06:55:47 +02:00
abhiabhi94 22da686ca9 Refs #24121 -- Added __repr__() to PermWrapper. 2021-05-28 08:03:23 +02:00
David Sanders 2978c63a34 Fixed #32771 -- Used IS_POPUP_VAR constant instead of hard-coded value. 2021-05-20 07:04:26 +02:00
David Sanders 536c155e67 Fixed #32765 -- Removed "for" HTML attribute from ReadOnlyPasswordHashWidget. 
ReadOnlyPasswordHashWidget doesn't have any labelable elements.
 2021-05-19 20:34:57 +02:00
David Wobrock ee3b719a81 Refs #32675 -- Removed to_field from ForeignKeys in contrib apps' migrations. 
Refs #22889.
 2021-04-29 07:46:22 +02:00
François Freitag 6b0b3eafd6 Fixed #32664 -- Made PasswordResetTokenGenerator.secret validation lazy. 
Django apps initialization to run management command triggers the admin
autodiscovery. Importing django.contrib.auth.tokens creates an instance
of PasswordResetTokenGenerator which required a SECRET_KEY.

For several management commands, the token generator is unused. It
should only complain about a missing SECRET_KEY when it is used.
 2021-04-20 07:34:53 +02:00
Claude Paroz 90b95d2959 Updated translations from Transifex. 
Forwardport of 1ea5e98315 from stable/3.2.x.
 2021-04-06 06:19:31 +02:00
William Schwartz 9ee693bd6c Fixed #32316 -- Deferred accessing __file__. 
Deferred accessing the module-global variable __file__ because the
Python import API does not guarantee it always exists—in particular, it
does not exist in certain "frozen" environments. The following changes
advanced this goal.

Thanks to Carlton Gibson, Tom Forbes, Mariusz Felisiak, and Shreyas
Ravi for review and feedback.
 2021-04-01 14:33:30 +02:00
Hasan Ramezani a2d5ea626e Refs #32508 -- Raised ImproperlyConfigured instead of using "assert" in middlewares. 2021-03-11 08:34:28 +01:00
ThinkChaos b99d6c9cbc Fixed #28216 -- Added next_page/get_default_redirect_url() to LoginView. 2021-02-08 21:08:05 +01:00
Mariusz Felisiak a948d9df39 Increased the default PBKDF2 iterations for Django 4.0. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 0aa6a602b2 Refs #31842 -- Removed DEFAULT_HASHING_ALGORITHM transitional setting. 
Per deprecation timeline.
 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 6b4941dd57 Refs #27468 -- Removed support for the pre-Django 3.1 user sessions. 
Per deprecation timeline.
 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 66b4046d68 Refs #27468 -- Removed support for the pre-Django 3.1 password reset tokens. 
Per deprecation timeline.
 2021-01-14 17:50:04 +01:00
Jon Moroney 76ae6ccf85 Fixed #31358 -- Increased salt entropy of password hashers. 
Co-authored-by: Florian Apolloner <florian@apolloner.eu>
 2021-01-14 11:20:28 +01:00
Florian Apolloner 64cc9dcdad Refs #31358 -- Added constant for get_random_string()'s default alphabet. 2021-01-13 20:40:40 +01:00
Florian Apolloner c76d51b3ad Refs #31358 -- Fixed decoding salt in Argon2PasswordHasher. 
Argon2 encodes the salt as base64 for representation in the final hash
output. To be able to accurately return the used salt from decode(),
add padding, b64decode, and decode from latin1 (for the remote
possibility that someone supplied a custom hash consisting solely of
bytes -- this would require a manual construction of the hash though,
Django's interface does not allow for that).
 2020-12-28 11:02:08 +01:00
Florian Apolloner 1b7086b2ea Refs #31358 -- Simplified Argon2PasswordHasher.must_update() by using decode(). 2020-12-28 11:02:03 +01:00
Tom Forbes b5e12d490a Fixed #31007 -- Allowed specifying type of auto-created primary keys. 
This also changes the default type of auto-created primary keys
for new apps and projects to BigAutoField.
 2020-12-15 11:25:46 +01:00
Timo Ludwig d8dfff2ab0 Fixed #32235 -- Made ReadOnlyPasswordHashField disabled by default. 2020-12-03 09:32:08 +01:00
Martin Thoma 302caa40e4 Made small readability improvements. 2020-10-28 20:20:20 +01:00
Hasan Ramezani 4eb756793b
Refs #28215 -- Marked auth credentials as sensitive variables. 
Co-authored-by: Collin Anderson <collin@onetencommunications.com>
 2020-10-28 14:21:53 +01:00
Mariusz Felisiak 3418092238
Fixed #32130 -- Fixed pre-Django 3.1 password reset tokens validation. 
Thanks Gordon Wrigley for the report and implementation idea.

Regression in 226ebb1729.
 2020-10-22 13:21:14 +02:00
Jacob Walls 0362b0e986 Fixed #26615 -- Made password reset token invalidate when changing email. 
Co-Authored-By: Silas Barta <sbarta@gmail.com>
 2020-10-21 09:29:53 +02:00
Hannes Ljungberg f7963615eb Fixed #32121 -- Fixed detecting uniqueness of USERNAME_FIELD when using Meta.constraints. 
Co-authored-by: Simon Charette <charettes@users.noreply.github.com>
 2020-10-20 07:23:51 +02:00
Claude Paroz 5fcfe5361e Updated translations from Transifex. 
Forwardport of f7397bb7c8 from stable/3.1.x.
 2020-09-30 10:25:48 +02:00
Mariusz Felisiak e39e727ded
Fixed #31912 -- Removed strict=True in Path.resolve() in project template and CommonPasswordValidator. 
This caused permission errors when user didn't have permissions to
all intermediate directories in a Django installation path.

Thanks tytusd and leonyxz for reports.

Regression in edeec1247e and
26554cf5d1.
 2020-08-28 05:57:36 +02:00
Phil Gyford e02738bf55 Refs #31913 -- Corrected comment in PasswordResetTokenGenerator. 
Follow up to da4923ea87.
 2020-08-27 12:57:16 +02:00
Yan Mitrofanov b88f98738f Fixed #31878 -- Made createsuperuser respect --database option in default usernames. 2020-08-14 11:08:20 +02:00
Mariusz Felisiak d907371ef9 Fixed #31842 -- Added DEFAULT_HASHING_ALGORITHM transitional setting. 
It's a transitional setting helpful in migrating multiple instance of
the same project to Django 3.1+.

Thanks Markus Holtermann for the report and review, Florian
Apolloner for the implementation idea and review, and Carlton Gibson
for the review.
 2020-08-04 09:35:24 +02:00
Claude Paroz 1a60838fa6 Updated translations from Transifex 2020-08-01 20:41:11 +02:00
Florian Apolloner 948a874425
Fixed #29324 -- Made SECRET_KEY validation lazy (on first access). 2020-07-29 09:06:54 +02:00
Aymeric Augustin 3f2821af6b
Fixed #31180 -- Configured applications automatically. 2020-07-21 10:35:12 +02:00
Hasan Ramezani 7af8f41273 Refs #26445 -- Allowed using UserManager.create_user()/create_superuser() in migrations. 
Used app config to lookup user model in _create_user().

Thanks Markus Holtermann for the review and initial patch.
Thanks Simon Charette for the implementation idea.
 2020-07-06 11:47:22 +02:00
Frantisek Holop cc7c16af98 Fixed #31443 -- Fixed login redirection in auth mixins when LOGIN_URL is off-site URL. 2020-06-23 10:38:35 +02:00
Jon Moroney 136ec9b62b Refs #31358 -- Added decode() to password hashers. 
By convention a hasher which does not use a salt should populate the
decode dict with `None` rather than omit the dict key.

Co-Authored-By: Florian Apolloner <apollo13@users.noreply.github.com>
 2020-06-23 08:36:59 +02:00
Florian Apolloner 1621f06051 Fixed #30472 -- Made Argon2PasswordHasher use Argon2id. 2020-06-17 08:10:41 +02:00
Florian Apolloner faad809e09 Refs #30472 -- Simplified Argon2PasswordHasher with argon2-cffi 19.1+ API. 2020-06-17 08:10:41 +02:00
Tom Carrick 69a78a4a63
Fixed comment in django/contrib/auth/urls.py. 2020-06-10 08:39:09 +02:00
René Fleschenberg 578b3046e3 Reverted "Refs #23919 -- Removed obsolete __init__.py files in management command directories." 
This reverts commit ccc25bfe4f.

https://groups.google.com/d/topic/django-developers/GVHMH2ciAnk/discussion
 2020-06-01 10:55:41 +02:00