Claude Paroz
e663f695fb
Fixed #31359 -- Deprecated get_random_string() calls without an explicit length.
2020-03-11 13:16:44 +01:00
Jon Dufresne
769cee5252
Fixed #31327 -- Deprecated providing_args argument for Signal.
2020-03-05 09:38:52 +01:00
aryan
fba5d3b6e6
Fixed #31289 -- Added hint for USERNAME_FIELD/REQUIRED_FIELDS system check.
2020-02-26 08:40:36 +01:00
Claude Paroz
da4923ea87
Refs #27468 -- Made PasswordResetTokenGenerator use SHA-256 algorithm.
2020-02-12 21:46:56 +01:00
Nick Pope
335c9c94ac
Simplified imports from django.db and django.contrib.gis.db.
2020-02-04 13:20:06 +01:00
Claude Paroz
5dabb6002e
Updated translations from Transifex.
...
Forwardport of ca4f87027e
from stable/3.0.x
2020-01-31 20:59:10 +01:00
Mariusz Felisiak
b7a3a6c9ef
Used model's Options.label/label_lower where applicable.
2020-01-29 12:09:20 +01:00
Michael Mulholland
5a68a223c7
Fixed #31200 -- Added system checks for permissions codenames max length.
2020-01-23 12:22:59 +01:00
Mike Hansen
35d36d9462
Refs #30585 -- Updated project templates and tests to use (block)translate tags.
2019-12-18 13:15:38 +01:00
Simon Charette
5b1fbcef7a
Fixed CVE-2019-19844 -- Used verified user email for password reset requests.
...
Co-Authored-By: Florian Apolloner <florian@apolloner.eu>
2019-12-18 09:11:39 +01:00
Baptiste Mispelon
3df3c5e670
Fixed #26480 -- Fixed crash of contrib.auth.authenticate() on decorated authenticate() methods of authentication backends.
...
The Signature API (PEP 362) has better support for decorated functions
(by default, it follows the __wrapped__ attribute set by
functools.wraps for example).
2019-12-10 09:36:30 +01:00
Carlton Gibson
6376278a90
Updated contrib translations from Transifex.
...
Forward port of 4afa0e5d2a
from stable/3.0.x
2019-12-02 11:25:23 +01:00
Mariusz Felisiak
e8fcdaad5c
Fixed #31021 -- Fixed proxy model permissions data migration crash with a multiple databases setup.
...
Regression in 98296f86b3
.
2019-11-29 08:23:01 +01:00
Jon Dufresne
aa12cf07c9
Removed unnecessary numeric indexes in format strings.
2019-11-19 08:29:47 +01:00
Mariusz Felisiak
6e99585c19
Fixed #30941 -- Reverted "Simplified AuthenticationMiddleware a bit."
...
This reverts commit 2f010795e6
.
2019-11-13 16:33:25 +01:00
Hasan Ramezani
4cec3cc82a
Fixed #30977 -- Optimized PasswordResetForm.save() a bit.
...
Moved site variables assignment outside of the loop.
2019-11-11 10:40:04 +01:00
Jon Dufresne
edeec1247e
Passed strict=True to Path.resolve() to enforce that the path must exist.
2019-11-05 14:22:20 +01:00
Jon Dufresne
b9fe7f9294
Fixed #30947 -- Changed tuples to lists in model Meta options in django.contrib modules.
...
The Django "Model Meta options" docs provide examples and generally
point the reader to use lists for the unique_together and ordering
options. Follow our own advice for contrib models.
More generally, lists should be used for homogeneous sequences of
arbitrary lengths of which both unique_together and ordering are.
2019-11-05 08:16:31 +01:00
Sergey Fedoseev
2f010795e6
Simplified AuthenticationMiddleware a bit.
...
SimpleLazyObject already caches value in _wrapped.
2019-10-29 13:20:13 +01:00
Sergey Fedoseev
0315c18fe1
Refs #26601 -- Removed obsolete workarounds for MIDDLEWARE_CLASSES setting.
2019-10-23 08:18:48 +02:00
Hasan Ramezani
226ebb1729
Fixed #28622 -- Allowed specifying password reset link expiration in seconds and deprecated PASSWORD_RESET_TIMEOUT_DAYS.
2019-09-20 13:52:04 +02:00
Sam Reynolds
6c9778a58e
Fixed #30776 -- Restored max length validation on AuthenticationForm.UsernameField.
...
Regression in 5ceaf14686
.
Thanks gopackgo90 for the report and Mariusz Felisiak for tests.
2019-09-18 11:37:38 +02:00
Carlton Gibson
b5db65c4fb
Increased the default PBKDF2 iterations for Django 3.1.
2019-09-12 17:24:01 +02:00
Mariusz Felisiak
d17be88afd
Refs #30037 -- Required the RemoteUserBackend.configure_user() to have request as the first positional argument.
...
Per deprecation timeline.
2019-09-10 12:01:00 +02:00
Claude Paroz
5495ea3ae0
Updated translation catalogs
2019-09-08 17:35:32 +02:00
Carlton Gibson
4f61810751
Fixed #30747 -- Renamed is_safe_url() to url_has_allowed_host_and_scheme().
2019-09-02 15:32:23 +02:00
Nick Pope
999891bd80
Refs #29379 -- Moved autocomplete attribute to UsernameField.
...
Moving the autocomplete attribute into UsernameField allows this to work
for custom forms making use of UsernameField, removes some duplication
in the code, and keeps consistency with the autocapitalize attribute
that is already defined on UsernameField.
2019-09-02 10:50:56 +02:00
Berker Peksag
400ec5125e
Fixed #18763 -- Added ModelBackend/UserManager.with_perm() methods.
...
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
2019-08-29 19:32:12 +02:00
daniel a rios
b5a5c92c72
Fixed #30066 -- Enabled super user creation without email and password
2019-08-29 12:49:16 +02:00
Hasan Ramezani
03dbdfd9bb
Fixed #29019 -- Added ManyToManyField support to REQUIRED_FIELDS.
2019-08-26 14:48:40 +02:00
Hasan Ramezani
a5308514fb
Fixed #27801 -- Made createsuperuser fall back to environment variables for password and required fields.
2019-07-02 12:55:09 +02:00
Claude Paroz
d54baf6970
Updated translations from Transifex
...
Forward port of b3f7262e6e
from stable/2.2.x
2019-06-29 16:17:16 +02:00
Jon Dufresne
42b9a23267
Fixed #30400 -- Improved typography of user facing strings.
...
Thanks Claude Paroz for assistance with translations.
2019-06-28 16:46:18 +02:00
Aymeric Augustin
3ee0834a46
Fixed #30556 -- Avoided useless query and hasher call in ModelBackend.authenticate() when credentials aren't provided.
...
There's no need to fetch a user instance from the database unless
a username and a password are provided as credentials.
2019-06-10 11:12:31 +02:00
Hasan Ramezani
dcb8f00d06
Fixed #29379 -- Added autocomplete attribute to contrib.auth.forms fields.
...
Thank you to Nick Pope for review.
Co-authored-by: CHI Cheng <cloudream@gmail.com>
2019-06-07 12:44:39 +02:00
Tobias Bengfort
581a0f4545
Refs #30226 -- Added User.get_user_permissions() method.
...
Added to mirror the existing User.get_group_permissions().
2019-06-05 13:56:37 +02:00
Tobias Bengfort
75337a6050
Fixed #30226 -- Added BaseBackend for authentication.
2019-06-05 13:39:46 +02:00
Rob
58df8aa40f
Fixed #28780 -- Allowed specyfing a token parameter displayed in password reset URLs.
...
Co-authored-by: Tim Givois <tim.givois.mendez@gmail.com>
2019-05-24 08:40:25 +02:00
Mariusz Felisiak
2007e11d70
Forced utf-8 encoding when loading common passwords in CommonPasswordValidator.
...
Previously we used `decode()` which defaults to utf-8. This change
restores previous behavior.
Follow up to 28eac41510
.
2019-05-23 08:39:16 +02:00
Jon Dufresne
b711eafd2a
Refs #30116 -- Removed unnecessary str() calls in CommonPasswordValidator.
...
open() and gzip.open() supports path-like objects since Python 3.6.
2019-05-22 19:47:28 +02:00
Brad Solomon
28eac41510
Improved performance of loading common passwords in CommonPasswordValidator.
...
CommonPasswordValidator.__init__ previously called either splitlines or
readlines, creating an unneeded intermediate list in memory. For large
custom password files, this could be burdensome.
2019-05-22 06:55:21 +02:00
Carlton Gibson
98296f86b3
Fixed #30351 -- Handled pre-existing permissions in proxy model permissions data migration.
...
Regression in 181fb60159
.
2019-04-27 20:18:22 +02:00
Claude Paroz
3e01aab533
Updated contrib translations from Transifex.
...
Forwardport of 7090cbf542
from 2.2.x.
2019-04-01 12:22:15 +02:00
pmisteli
9410db9683
Fixed #30236 -- Made UsernameField render with autocapitalize="none" HTML attribute.
...
This prevents automatic capitalization, which is the default behavior in
some browsers.
2019-03-29 15:24:44 +01:00
Ryan J Schave
cbf7e71558
Fixed #30257 -- Made UsernameValidators prohibit trailing newlines.
2019-03-22 13:16:25 -04:00
Claude Paroz
a8e2a9bac6
Refs #15902 -- Deprecated storing user's language in the session.
2019-02-14 10:23:02 -05:00
Gregory N. Schmit
48c17807a9
Fixed #16027 -- Added app_label to ContentType.__str__().
2019-02-07 19:56:47 -05:00
Nick Pope
24b82cd201
Fixed #30159 -- Removed unneeded use of OrderedDict.
...
Dicts preserve order since Python 3.6.
2019-02-06 13:48:39 -05:00
Jon Dufresne
7785e03ba8
Fixed #30137 -- Replaced OSError aliases with the canonical OSError.
...
Used more specific errors (e.g. FileExistsError) as appropriate.
2019-01-28 11:15:06 -05:00
Tim Graham
06670015f7
Increased the default PBKDF2 iterations for Django 3.0.
2019-01-17 11:15:27 -05:00