3f2821af6b
Fixed #31180 -- Configured applications automatically.
2020-07-21 10:35:12 +02:00
7af8f41273
Refs #26445 -- Allowed using UserManager.create_user()/create_superuser() in migrations.
...
Used app config to lookup user model in _create_user().
Thanks Markus Holtermann for the review and initial patch.
Thanks Simon Charette for the implementation idea.
2020-07-06 11:47:22 +02:00
cc7c16af98
Fixed #31443 -- Fixed login redirection in auth mixins when LOGIN_URL is off-site URL.
2020-06-23 10:38:35 +02:00
136ec9b62b
Refs #31358 -- Added decode() to password hashers.
...
By convention a hasher which does not use a salt should populate the
decode dict with `None` rather than omit the dict key.
Co-Authored-By: Florian Apolloner <apollo13@users.noreply.github.com>
2020-06-23 08:36:59 +02:00
1621f06051
Fixed #30472 -- Made Argon2PasswordHasher use Argon2id.
2020-06-17 08:10:41 +02:00
faad809e09
Refs #30472 -- Simplified Argon2PasswordHasher with argon2-cffi 19.1+ API.
2020-06-17 08:10:41 +02:00
69a78a4a63
Fixed comment in django/contrib/auth/urls.py.
2020-06-10 08:39:09 +02:00
578b3046e3
Reverted "Refs #23919 -- Removed obsolete __init__.py files in management command directories."
...
This reverts commit ccc25bfe4fhttps://groups.google.com/d/topic/django-developers/GVHMH2ciAnk/discussion
2020-06-01 10:55:41 +02:00
c60524c658
Fixed #31546 -- Allowed specifying list of tags in Command.requires_system_checks.
2020-05-21 12:34:54 +02:00
f2187a227f
Increased the default PBKDF2 iterations for Django 3.2.
2020-05-13 09:07:51 +02:00
54646a423b
Refs #27468 -- Made user sessions use SHA-256 algorithm.
2020-04-29 16:45:00 +02:00
9ef4a18dbe
Changed django.forms.ValidationError imports to django.core.exceptions.ValidationError.
...
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2020-04-28 10:49:00 +02:00
71d9876e39
Refs #18325 -- Removed unnecessary line endings in management commands.
...
The OutputWrapper automatically adds \n when it’s not present.
2020-04-27 10:10:36 +02:00
8aa71f4e87
Fixed #31375 -- Made contrib.auth.hashers.make_password() accept only bytes or strings.
2020-03-31 10:52:56 +02:00
5f8495a40a
Fixed #31371 -- Increased User.first_name max_length to 150 characters.
2020-03-18 08:22:49 +01:00
e663f695fb
Fixed #31359 -- Deprecated get_random_string() calls without an explicit length.
2020-03-11 13:16:44 +01:00
769cee5252
Fixed #31327 -- Deprecated providing_args argument for Signal.
2020-03-05 09:38:52 +01:00
fba5d3b6e6
Fixed #31289 -- Added hint for USERNAME_FIELD/REQUIRED_FIELDS system check.
2020-02-26 08:40:36 +01:00
da4923ea87
Refs #27468 -- Made PasswordResetTokenGenerator use SHA-256 algorithm.
2020-02-12 21:46:56 +01:00
335c9c94ac
Simplified imports from django.db and django.contrib.gis.db.
2020-02-04 13:20:06 +01:00
5dabb6002e
Updated translations from Transifex.
...
Forwardport of ca4f87027e
2020-01-31 20:59:10 +01:00
b7a3a6c9ef
Used model's Options.label/label_lower where applicable.
2020-01-29 12:09:20 +01:00
5a68a223c7
Fixed #31200 -- Added system checks for permissions codenames max length.
2020-01-23 12:22:59 +01:00
35d36d9462
Refs #30585 -- Updated project templates and tests to use (block)translate tags.
2019-12-18 13:15:38 +01:00
5b1fbcef7a
Fixed CVE-2019-19844 -- Used verified user email for password reset requests.
...
Co-Authored-By: Florian Apolloner <florian@apolloner.eu>
2019-12-18 09:11:39 +01:00
3df3c5e670
Fixed #26480 -- Fixed crash of contrib.auth.authenticate() on decorated authenticate() methods of authentication backends.
...
The Signature API (PEP 362) has better support for decorated functions
(by default, it follows the __wrapped__ attribute set by
functools.wraps for example).
2019-12-10 09:36:30 +01:00
6376278a90
Updated contrib translations from Transifex.
...
Forward port of 4afa0e5d2a
2019-12-02 11:25:23 +01:00
e8fcdaad5c
Fixed #31021 -- Fixed proxy model permissions data migration crash with a multiple databases setup.
...
Regression in 98296f86b3
2019-11-29 08:23:01 +01:00
aa12cf07c9
Removed unnecessary numeric indexes in format strings.
2019-11-19 08:29:47 +01:00
6e99585c19
Fixed #30941 -- Reverted "Simplified AuthenticationMiddleware a bit."
...
This reverts commit 2f010795e6
2019-11-13 16:33:25 +01:00
4cec3cc82a
Fixed #30977 -- Optimized PasswordResetForm.save() a bit.
...
Moved site variables assignment outside of the loop.
2019-11-11 10:40:04 +01:00
edeec1247e
Passed strict=True to Path.resolve() to enforce that the path must exist.
2019-11-05 14:22:20 +01:00
b9fe7f9294
Fixed #30947 -- Changed tuples to lists in model Meta options in django.contrib modules.
...
The Django "Model Meta options" docs provide examples and generally
point the reader to use lists for the unique_together and ordering
options. Follow our own advice for contrib models.
More generally, lists should be used for homogeneous sequences of
arbitrary lengths of which both unique_together and ordering are.
2019-11-05 08:16:31 +01:00
2f010795e6
Simplified AuthenticationMiddleware a bit.
...
SimpleLazyObject already caches value in _wrapped.
2019-10-29 13:20:13 +01:00
0315c18fe1
Refs #26601 -- Removed obsolete workarounds for MIDDLEWARE_CLASSES setting.
2019-10-23 08:18:48 +02:00
226ebb1729
Fixed #28622 -- Allowed specifying password reset link expiration in seconds and deprecated PASSWORD_RESET_TIMEOUT_DAYS.
2019-09-20 13:52:04 +02:00
6c9778a58e
Fixed #30776 -- Restored max length validation on AuthenticationForm.UsernameField.
...
Regression in 5ceaf14686
2019-09-18 11:37:38 +02:00
b5db65c4fb
Increased the default PBKDF2 iterations for Django 3.1.
2019-09-12 17:24:01 +02:00
d17be88afd
Refs #30037 -- Required the RemoteUserBackend.configure_user() to have request as the first positional argument.
...
Per deprecation timeline.
2019-09-10 12:01:00 +02:00
5495ea3ae0
Updated translation catalogs
2019-09-08 17:35:32 +02:00
4f61810751
Fixed #30747 -- Renamed is_safe_url() to url_has_allowed_host_and_scheme().
2019-09-02 15:32:23 +02:00
999891bd80
Refs #29379 -- Moved autocomplete attribute to UsernameField.
...
Moving the autocomplete attribute into UsernameField allows this to work
for custom forms making use of UsernameField, removes some duplication
in the code, and keeps consistency with the autocapitalize attribute
that is already defined on UsernameField.
2019-09-02 10:50:56 +02:00
400ec5125e
Fixed #18763 -- Added ModelBackend/UserManager.with_perm() methods.
...
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
2019-08-29 19:32:12 +02:00
b5a5c92c72
Fixed #30066 -- Enabled super user creation without email and password
2019-08-29 12:49:16 +02:00
03dbdfd9bb
Fixed #29019 -- Added ManyToManyField support to REQUIRED_FIELDS.
2019-08-26 14:48:40 +02:00
a5308514fb
Fixed #27801 -- Made createsuperuser fall back to environment variables for password and required fields.
2019-07-02 12:55:09 +02:00
d54baf6970
Updated translations from Transifex
...
Forward port of b3f7262e6e
2019-06-29 16:17:16 +02:00
42b9a23267
Fixed #30400 -- Improved typography of user facing strings.
...
Thanks Claude Paroz for assistance with translations.
2019-06-28 16:46:18 +02:00
3ee0834a46
Fixed #30556 -- Avoided useless query and hasher call in ModelBackend.authenticate() when credentials aren't provided.
...
There's no need to fetch a user instance from the database unless
a username and a password are provided as credentials.
2019-06-10 11:12:31 +02:00
dcb8f00d06
Fixed #29379 -- Added autocomplete attribute to contrib.auth.forms fields.
...
Thank you to Nick Pope for review.
Co-authored-by: CHI Cheng <cloudream@gmail.com>
2019-06-07 12:44:39 +02:00
Aymeric Augustin
Hasan Ramezani
Frantisek Holop
Jon Moroney
Florian Apolloner
Tom Carrick
René Fleschenberg
Mariusz Felisiak
François Freitag
Ryan Petrello
Claude Paroz
Jon Dufresne
aryan
Nick Pope
Michael Mulholland
Mike Hansen
Simon Charette
Baptiste Mispelon
Carlton Gibson
Sergey Fedoseev
Sam Reynolds
Berker Peksag
daniel a rios