innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
26,124 Commits 25 Branches 361 Tags 501 MiB
Commit Graph

976 Commits

Author SHA1 Message Date
Andrey Kostakov c52ecbda61 Removed shadowing of built-in hash() function. 2018-09-13 10:04:36 -04:00
Alexander Todorov 53ebd4cb13 Fixed #29686 -- Made UserAdmin.user_change_password() pass user to has_change_permission(). 2018-08-17 17:43:00 -04:00
Josh Schneier 8b43e9b1af Fixed #29616 -- Fixed createsuperuser for user models that don't have a password field. 2018-08-05 14:26:03 -04:00
Josh Schneier ec9d0123e0 Made createsuperuser code more DRY. 2018-08-04 09:38:01 -04:00
Josh Schneier 793e9bb35a Fixed #29628 -- Made createsuperuser validate password against username and required fields. 2018-08-04 08:44:25 -04:00
luz.paz 97e637a87f Fixed typos in comments and docs. 2018-08-01 16:09:22 -04:00
Claude Paroz 287fef8693 Updated contrib translations from Transifex 
Forwardport of cbf7e7dc52 from stable/2.1.x.
 2018-08-01 09:24:06 -04:00
Tim Graham f3fa86a89b Fixed #29449 -- Reverted "Fixed #28757 -- Allowed using contrib.auth forms without installing contrib.auth." 
This reverts commit 3333d935d2 due to
a crash if USERNAME_FIELD isn't a CharField.
 2018-07-02 18:39:26 -04:00
Claude Paroz eac9ab7ebb Removed parser.add_arguments() arguments that match the defaults. 2018-07-02 17:54:57 -04:00
Claude Paroz bec651a427 Fixed #10827 -- Ensured ContentTypes are created before permission creation. 2018-06-03 22:19:04 -04:00
Dohyeon Kim f1f4aeb22e Fixed #28044 -- Unified the logic for createsuperuser's interactive and --noinput modes. 2018-05-29 08:41:32 -04:00
Tim Graham 9792af3648 Increased the default PBKDF2 iterations for Django 2.2. 2018-05-17 11:05:45 -04:00
olivierdalang 825f0beda8 Fixed #8936 -- Added a view permission and a read-only admin. 
Co-authored-by: Petr Dlouhy <petr.dlouhy@email.cz>
Co-authored-by: Olivier Dalang <olivier.dalang@gmail.com>
 2018-05-16 06:44:55 -04:00
Tim Graham cae0107287 Increased the default PBKDF2 iterations for Django 2.1. 2018-05-13 20:06:20 -04:00
Tom 11b8c30b9e Ref #23919 -- Replaced some os.path usage with pathlib.Path. 2018-04-19 21:30:00 -04:00
GS-14 93331877c8 Fixed #29274 -- Increased the number of common passwords from 1k to 20k. 2018-04-16 11:01:47 -04:00
Tim Graham 85d853b2d3
Fixed #29289 -- Clarified PasswordResetTokenGenerator comment regarding the data hashed to generate tokens. 
Thanks Luke Plant for the draft text.
 2018-04-06 11:05:51 -04:00
Malte Gerth 874977d388 Fixed #29270 -- Fixed UserChangeForm crash if password field is excluded. 2018-03-29 15:25:54 -04:00
Abeer Upadhyay 1bf4646f91 Fixed #29258 -- Added type checking for login()'s backend argument. 2018-03-28 10:10:18 -04:00
Tim Graham a4f0e9aec7 Fixed #28718 -- Allowed user to request a password reset if their password doesn't use an enabled hasher. 
Regression in aeb1389442.
Reverted changes to is_password_usable() from
703c266682 and documentation changes from
92f48680db.
 2018-03-22 10:03:43 -04:00
Mattia Procopio aeb8c38178 Fixed #29206 -- Fixed PasswordResetConfirmView crash when the URL contains a non-UUID where one is expected. 2018-03-15 21:33:15 -04:00
ovalseven8 821e304cc4 Corrected User model docstring about required fields. 
Follow up to 841a87785a.
 2018-03-04 15:24:36 -05:00
Christophe Mehay 40bac28faa Fixed #29176 -- Fixed AbstractBaseUser.normalize_username() crash if username isn't a string. 2018-03-02 11:32:53 -05:00
Claude Paroz 75527c0f83 Updated translations from Transifex 
Forward port of 2126e9317e from stable/2.0.x.
 2018-02-28 20:06:52 +01:00
Tim Graham 56a302f338 Fixed #29141 -- Corrected BCryptPasswordHasher's docstring about truncation. 2018-02-26 14:07:38 -05:00
Mikhail Porokhovnichenko 14e34dcf8c Fixed #29132 -- Avoided connecting update_last_login() handler if User.last_login isn't a field. 2018-02-21 10:36:31 -05:00
Dylan Verheul 9b1125bfc7 Fixed #28379 -- Made AccessMixin raise Permissiondenied for authenticated users. 2018-02-16 13:58:55 -05:00
Tim Graham fe99fb860f
Removed AuthenticationForm.get_user_id(). 
Unused since aab3a418ac.
 2018-02-14 19:09:06 -05:00
Jon Dufresne 16c5a334ff Refs #27795 -- Replaced force_text/bytes() with decode()/encode() in password hashers. 2018-02-01 12:36:21 -05:00
Tim Graham af33fb250e Fixed CVE-2018-6188 -- Fixed information leakage in AuthenticationForm. 
Reverted 359370a8b8 (refs #28645).

This is a security fix.
 2018-02-01 09:05:14 -05:00
Tim Graham 92f48680db Expanded docs for AbstractBaseUser.has_usable_password(). 2018-01-27 11:03:41 -05:00
shanghui 3333d935d2 Fixed #28757 -- Allowed using contrib.auth forms without installing contrib.auth. 
Also fixed #28608 -- Allowed UserCreationForm and UserChangeForm to
work with custom user models.

Thanks Sagar Chalise and Rômulo Collopy for reports, and Tim Graham
and Tim Martin for reviews.
 2018-01-05 14:47:37 -05:00
Дилян Палаузов d7b2aa24f7 Fixed #28982 -- Simplified code with and/or. 2018-01-03 20:12:23 -05:00
Дилян Палаузов d79cf1e9e2 Fixed #28985 -- Removed unneeded None checks before hasattr(). 2018-01-03 11:37:06 -05:00
я котик пур-пур ccc25bfe4f Refs #23919 -- Removed obsolete __init__.py files in management command directories. 2018-01-03 11:02:26 -05:00
Alvin Lindstam 2cb6b7732d Fixed #28902 -- Fixed password_validators_help_text_html() double escaping. 2018-01-02 19:51:06 -05:00
Mariusz Felisiak 83a36ac49a
Removed unnecessary trailing commas and spaces in various code. 2017-12-28 21:07:29 +01:00
Дилян Палаузов 4c599ece57 Fixed #28930 -- Simplified code with any() and all(). 2017-12-26 17:11:15 -05:00
Nick Pope d13a9e44de Fixed #28909 -- Simplified code using tuple/list/set/dict unpacking. 2017-12-11 07:08:45 -05:00
Claude Paroz d0932ce8fc Updated contrib translations from Transifex 
Forward port of 765e6de924 from stable/2.0.x
 2017-12-01 21:51:30 +01:00
shanghui 359370a8b8 Fixed #28645 -- Reallowed AuthenticationForm to raise the inactive user error when using ModelBackend. 
Regression in e0a3d93730.

Thanks Guilherme Junqueira for the report and Tim Graham for the review.
 2017-11-08 09:39:12 -05:00
Tom b81905bfd4 Fixed #28571 -- Added a prompt to bypass password validation in createsuperuser. 2017-11-03 20:00:08 -04:00
Jon Dufresne 6ed347d851 Fixed #28706 -- Moved AuthenticationFormn invalid login ValidationError to a method for reuse. 2017-10-23 09:10:45 -04:00
Lucas Connors 5ceaf14686 Fixed #27515 -- Made AuthenticationForm's username field use the max_length from the model field. 
Thanks Ramin Farajpour Cami for the report.
 2017-10-20 11:13:26 -04:00
Yuri Kaszubowski Lopes d98210c255 Fixed #28713 -- Prevented ModelBackend.get_all_permissions() from mutating get_user_permissions(). 2017-10-14 20:47:49 -04:00
Tim Graham 0edff2107f Refs #28248 -- Clarified the precision of PASSWORD_RESET_TIMEOUT_DAYS. 2017-10-12 14:58:18 -04:00
Hasan Ramezani 6aec130a4c Fixed #28591 -- Added an error message for createsuperuser --username= (blank). 2017-10-09 21:49:35 -04:00
Tim Graham 67a6ba391b Reverted "Fixed #28248 -- Fixed password reset tokens being valid for 1 day longer than PASSWORD_RESET_TIMEOUT_DAYS." 
This reverts commit 95993a89ce.
 2017-09-25 09:05:00 -04:00
Claude Paroz 1f3dfd783d Updated translation catalogs 
Forward port of 600104172a from stable/2.0.x.
 2017-09-24 13:54:54 +02:00
Tim Graham 5e31be1b96 Refs #25187 -- Required the authenticate() method of authentication backends to have request as the first positional argument. 
Per deprecation timeline.
 2017-09-22 12:51:18 -04:00