Commit Graph

394 Commits

Author SHA1 Message Date
Preston Holmes 373932fa6b fixed #10809 -- add a mod_wsgi authentication handler
Thanks to baumer1122 for the suggestion and initial 
patch and David Fischer for the contributions and
long term patch maintenance and docs.
2012-09-27 12:43:37 -07:00
Preston Holmes 01362745ba Fixed a small oversight in auth tests
Thanks to Vinicius Ruan Cainelli for the catch
closes #392
2012-09-27 10:24:34 -07:00
Anssi Kääriäinen 50d573d2c0 Fixed #18979 -- Avoid endless loop caused by "val in PermLookupDict"
Fixed by defining __iter__ which raises TypeError. This was done to
PermWrapper earlier.
2012-09-27 15:36:30 +03:00
Adrien Lemaire 2c8267bf3d Fixed #17899 -- Rewrote [Ee]-mail to [Ee]mail 2012-09-26 14:14:51 +02:00
Russell Keith-Magee 70a0de37d1 Fixed #3011 -- Added swappable auth.User models.
Thanks to the many people that contributed to the development and review of
this patch, including (but not limited to) Jacob Kaplan-Moss, Anssi
Kääriäinen, Ramiro Morales, Preston Holmes, Josh Ourisman, Thomas Sutton,
and Roger Barnes, as well as the many, many people who have contributed to
the design discussion around this ticket over many years.

Squashed commit of the following:

commit d84749a0f0
Merge: 531e771 7c11b1a
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Wed Sep 26 18:37:04 2012 +0800

    Merge remote-tracking branch 'django/master' into t3011

commit 531e7715da
Merge: 29d1abb 1f84b04
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Wed Sep 26 07:09:23 2012 +0800

    Merged recent trunk changes.

commit 29d1abbe35
Merge: 8a527dd 54c81a1
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Sep 24 07:49:46 2012 +0800

    Merge remote-tracking branch 'django/master' into t3011

commit 8a527dda13
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Sep 24 07:48:05 2012 +0800

    Ensure sequences are reset correctly in the presence of swapped models.

commit e2b6e22f29
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 23 17:53:05 2012 +0800

    Modifications to the handling and docs for auth forms.

commit 98aba856b5
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 23 15:28:57 2012 +0800

    Improved error handling and docs for get_user_model()

commit 0229209c84
Merge: 6494bf9 8599f64
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 23 14:50:11 2012 +0800

    Merged recent Django trunk changes.

commit 6494bf91f2
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Sep 17 21:38:44 2012 +0800

    Improved validation of swappable model settings.

commit 5a04cde342
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Sep 17 07:15:14 2012 +0800

    Removed some unused imports.

commit ffd535e413
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 20:31:28 2012 +0800

    Corrected attribute access on for get_by_natural_key

commit 913e1ac84c
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 20:12:34 2012 +0800

    Added test for proxy model safeguards on swappable models.

commit 280bf19e94
Merge: dbb3900 935a863
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 18:16:49 2012 +0800

    Merge remote-tracking branch 'django/master' into t3011

commit dbb3900775
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 18:09:27 2012 +0800

    Fixes for Python 3 compatibility.

commit dfd72131d8
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 15:54:30 2012 +0800

    Added protection against proxying swapped models.

commit abcb027190
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 15:11:10 2012 +0800

    Cleanup and documentation of AbstractUser base class.

commit a9491a8776
Merge: fd8bb4e 08bcb4a
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 14:46:49 2012 +0800

    Merge commit '08bcb4aec1ed154cefc631b8510ee13e9af0c19d' into t3011

commit fd8bb4e3e4
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 14:20:14 2012 +0800

    Documentation improvements coming from community review.

commit b550a6d06d
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 13:52:47 2012 +0800

    Refactored skipIfCustomUser into the contrib.auth tests.

commit 52a02f1110
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 13:46:10 2012 +0800

    Refactored common 'get' pattern into manager method.

commit b441a6bbc7
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 13:41:33 2012 +0800

    Added note about backwards incompatible change to admin login messages.

commit 08bcb4aec1
Author: Anssi Kääriäinen <akaariai@gmail.com>
Date:   Sat Sep 15 18:30:33 2012 +0300

    Splitted User to AbstractUser and User

commit d9f5e5addb
Author: Anssi Kääriäinen <akaariai@gmail.com>
Date:   Sat Sep 15 18:30:02 2012 +0300

    Reworked REQUIRED_FIELDS + create_user() interaction

commit 579f152e4a
Merge: 9184972 93e6733
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sat Sep 15 20:18:37 2012 +0800

    Merge remote-tracking branch 'django/master' into t3011

commit 918497218c
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sat Sep 15 20:18:19 2012 +0800

    Deprecate AUTH_PROFILE_MODULE and get_profile().

commit 334cdfc1bb
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sat Sep 15 20:00:12 2012 +0800

    Added release notes for new swappable User feature.

commit 5d7bb22e8d
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sat Sep 15 19:59:49 2012 +0800

    Ensure swapped models can't be queried.

commit 57ac6e3d32
Merge: f2ec915 abfba3b
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sat Sep 15 14:31:54 2012 +0800

    Merge remote-tracking branch 'django/master' into t3011

commit f2ec915b20
Merge: 1952656 5e99a3d
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 9 08:29:51 2012 +0800

    Merge remote-tracking branch 'django/master' into t3011

commit 19526563b5
Merge: 2c5e833 c4aa26a
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 9 08:22:26 2012 +0800

    Merge recent changes from master.

commit 2c5e833a30
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 9 07:53:46 2012 +0800

    Corrected admin_views tests following removal of the email fallback on admin logins.

commit 20d1892491
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 9 01:00:37 2012 +0800

    Added conditional skips for all tests dependent on the default User model

commit 40ea8b8882
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sat Sep 8 23:47:02 2012 +0800

    Added documentation for REQUIRED_FIELDS in custom auth.

commit e6aaf65970
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sat Sep 8 23:20:02 2012 +0800

    Added first draft of custom User docs.

    Thanks to Greg Turner for the initial text.

commit 75118bd242
Author: Thomas Sutton <me@thomas-sutton.id.au>
Date:   Mon Aug 20 11:17:26 2012 +0800

    Admin app should not allow username discovery

    The admin app login form should not allow users to discover the username
    associated with an email address.

commit d088b3af58
Author: Thomas Sutton <me@thomas-sutton.id.au>
Date:   Mon Aug 20 10:32:13 2012 +0800

    Admin app login form should use swapped user model

commit 7e82e83d67
Merge: e29c010 39aa890
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Fri Sep 7 23:45:03 2012 +0800

    Merged master changes.

commit e29c010beb
Merge: 8e3fd70 30bdf22
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Aug 20 13:12:57 2012 +0800

    Merge remote-tracking branch 'django/master' into t3011

commit 8e3fd703d0
Merge: 507bb50 26e0ba0
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Aug 20 13:09:09 2012 +0800

    Merged recent changes from trunk.

commit 507bb50a92
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Jun 4 20:41:37 2012 +0800

    Modified auth app so that login with alternate auth app is possible.

commit dabe362836
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Jun 4 20:10:51 2012 +0800

    Modified auth management commands to handle custom user definitions.

commit 7cc0baf89d
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Jun 4 14:17:28 2012 +0800

    Added model Meta option for swappable models, and made auth.User a swappable model
2012-09-26 18:48:09 +08:00
Dan Loewenherz 69ff1b7390 Fixed #16835 -- add groups to auth.user admin list_filter 2012-09-22 00:16:22 -07:00
Florian Apolloner 06f79354d0 Added tests for d21f3d9b17. 2012-09-17 21:56:19 +02:00
Florian Apolloner d21f3d9b17 Only update `last_login` instead of the whole user object in `update_last_login`. 2012-09-17 19:52:22 +02:00
Claude Paroz c7f44ae085 Fixed #17948 -- Isolated auth tests from custom template loaders
Thanks andrey@kostenko.name for the report.
2012-09-15 21:39:08 +02:00
Claude Paroz 1aa218b857 Fixed test output check when password is blank 2012-09-12 11:58:02 +02:00
Claude Paroz 703c266682 Fixed #18182 -- Made is_usable_password check if hashing algorithm is correct
The display of the ReadOnlyPasswordHashWidget has also been improved to
distinguish empty/unusable password from erroneous password.
Fixed #18453 also.
Thanks danielr and Leo for the reports and Moritz Sichert for the
initial patch.
2012-09-12 11:32:50 +02:00
Carl Meyer 75ef980e20 Fix Python 3 test failure introduced in a78dd109. 2012-09-09 11:37:21 -06:00
Carl Meyer a78dd109e6 Fixed #15552 -- LOGIN_URL and LOGIN_REDIRECT_URL can take URLpattern names.
Thanks UloPe and Eric Florenzano for the patch, and Malcolm Tredinnick for
review.
2012-09-08 16:58:35 -06:00
Alex Gaynor 292322f977 [py3k] Silence many warnings while running the tests. 2012-09-07 13:17:34 -04:00
Adrian Holovaty 4193a0f3d5 Negligible spacing fix in auth/forms.py 2012-09-04 16:47:45 -04:00
Claude Paroz ebc773ada3 Replaced many smart_bytes by force_bytes
In all those occurrences, we didn't care about preserving the
lazy status of the strings, but we really wanted to obtain a
real bytestring.
2012-08-29 11:20:32 +02:00
Aymeric Augustin 54899d810d [py3] Fixed #18805 -- ported createsuperuser.
Thanks sunsesh at gmail.com for the report.
2012-08-20 22:25:41 +02:00
Aymeric Augustin de3ad8bb2d [py3] Avoided passing a lazy string to urlparse.
This causes an exception under Python 3.

Fixed #18776.
2012-08-18 16:38:49 +02:00
Ramiro Morales 4c934f3921 Made createsuperuser more robust when getting current OS username.
Under some versions of OS X, failure in getting the default system
locale during the syncdb operation of the auth app were causing hard to
diagnose problems afterwards.

No solution based on getpreferredencoding() was chosen because it has
its own problems with certain combinations of Python and OS X versions
(e.g. http://bugs.python.org/issue6202).

Thanks prestonsimmons for the report and prestonsimmons and willhardy
for the initial patch.

Fixes #16017.
2012-08-17 23:15:20 -03:00
Claude Paroz 34ac145796 [py3] Fixed contrib.auth tests 2012-08-14 23:35:12 +02:00
Aymeric Augustin d4a0b27838 [py3] Refactored __unicode__ to __str__.
* Renamed the __unicode__ methods
* Applied the python_2_unicode_compatible decorator
* Removed the StrAndUnicode mix-in that is superseded by
  python_2_unicode_compatible
* Kept the __unicode__ methods in classes that specifically
  test it under Python 2
2012-08-12 14:44:40 +02:00
Aymeric Augustin 2bb2eecb63 [py3] Removed redundant __str__ methods.
These classes already have an identical __unicode__ method, which
will be used after an upcoming refactoring.
2012-08-12 14:44:40 +02:00
Andrews Medina 87e0a75c03 [py3] Decoded base64-encoded hash in contrib.auth.hashers 2012-08-11 00:20:59 +02:00
Alex Gaynor 5f8da527ab [py3k] use the base64 module, instead of bytes.encode('base64') 2012-08-09 07:26:11 -07:00
Claude Paroz b8e49d70f2 [py3] Replaced raw_input by input
The six addition has been borrowed from:
https://bitbucket.org/gutworth/six/changeset/733ef740
2012-08-08 19:53:11 +02:00
Alex Gaynor 4c97101b1f remove a bunch of unnescesarry iterkeys() calls 2012-08-08 07:33:15 -07:00
Claude Paroz 576ec12f8e [py3] Replaced __nonzero__ by __bool__
Of course, __nonzero__ alias has been kept for Python 2 compatibility.
2012-08-08 15:02:31 +02:00
Aymeric Augustin c5ef65bcf3 [py3] Ported django.utils.encoding.
* Renamed smart_unicode to smart_text (but kept the old name under
  Python 2 for backwards compatibility).
* Renamed smart_str to smart_bytes.
* Re-introduced smart_str as an alias for smart_text under Python 3
  and smart_bytes under Python 2 (which is backwards compatible).
  Thus smart_str always returns a str objects.
* Used the new smart_str in a few places where both Python 2 and 3
  want a str.
2012-08-07 12:00:22 +02:00
Aymeric Augustin ee191715ea [py3] Fixed access to dict keys/values/items. 2012-08-07 12:00:22 +02:00
Claude Paroz 09a719a4e6 Fixed #7833 -- Improved UserCreationForm password validation
Make UserCreationForm password validation similar to
SetPasswordForm and AdminPasswordChangeForm, so as the match
check is only done when both passwords are supplied.
Thanks Mitar for the suggestion.
2012-08-04 14:55:13 +02:00
Alex Gaynor ace9ccfe9f Fixed #18666 -- when upgrading a user's password to a new algorithm only save the password field to the databaes. 2012-07-24 19:03:26 -07:00
Aymeric Augustin ca07fda2ef [py3] Switched to Python 3-compatible imports.
xrange/range will be dealt with in a separate commit due to the huge
number of changes.
2012-07-22 09:29:56 +02:00
Aymeric Augustin 0d914d08a0 [py3] Updated urllib/urllib2/urlparse imports.
Lots of functions were moved. Use explicit imports in all cases
to keey it easy to identify where the functions come from.
2012-07-22 09:29:55 +02:00
Aymeric Augustin bdca5ea345 [py3] Replaced unicode/str by six.text_type/bytes. 2012-07-22 09:29:54 +02:00
Alex Gaynor 3e8d8bb094 Fixed auth to not use an internal implementation detail of SortedDict 2012-07-14 14:33:13 -07:00
Florian Apolloner 52a9e15794 Fixed a regression in the user admin page introduced in a92e7f37c4.
a92e7f37c4 switched most of the internal stuff
to format_html. Using format_html in the `render` method of
`ReadOnlyPasswordHashWidget` caused it to generate `SafeString` instances.
Later these safe strings where returned from `BoundField.__unicode__` which
caused force_unicode to loose the "safe" information. This commit fixes that by
ensuring that the render method returns `SafeUnicode` instead of `SafeString`.
2012-07-07 15:29:20 +02:00
Luke Plant b0eee0ba4b Removed various unnecessary instances of mark_safe applied to URLs
Also fixed some test breakages introduced in last commit
2012-07-03 22:20:12 +01:00
Luke Plant a92e7f37c4 Changed a lot of internal code to use 'format_html' where appropriate/possible 2012-07-03 22:20:12 +01:00
Claude Paroz 5318783027 Fixed #17966 -- Isolated ProfileTestCase from custom AUTH_PROFILE_MODULE
Thanks Rob Golding for helping on the patch.
2012-06-25 20:26:17 +02:00
Claude Paroz 4a103086d5 Fixed #18269 -- Applied unicode_literals for Python 3 compatibility.
Thanks Vinay Sajip for the support of his django3 branch and
Jannis Leidel for the review.
2012-06-07 18:08:47 +02:00
Claude Paroz 70a0351fef Fixed #18184 -- Moved algorithm identification code to hashers module
Thanks Eli Collins for the report and the patch.
2012-06-06 11:06:33 +02:00
Claude Paroz eb286aa22f Delayed encoding of password and salt in password checking.
Applied the rule that string encoding should happen as late as
possible. This is also a preparation for Python 3 compatibility.
2012-06-06 10:53:16 +02:00
Claude Paroz f2b6763ad7 Fixed #18387 -- Do not call sys.exit during call_command.
Moved sys.exit(1) so as failing management commands reach it
only when running from command line.
2012-05-27 20:38:47 +02:00
Claude Paroz 822d6d6dab Fixed #18325 -- Wrapped self.stdout/stderr in OutputWrapper class 2012-05-19 13:51:54 +02:00
Aymeric Augustin b1155adcde Fixed #18093 -- Added a pk to AnonymousUser. 2012-05-10 21:42:13 +02:00
Claude Paroz b52672d778 Replaced deprecated TestCase methods. Refs #17049. 2012-05-03 16:39:16 +02:00
Anssi Kääriäinen 8fad77da95 Ensured tests pass using custom PASSWORD_HASHERS. 2012-04-30 22:10:27 +03:00
Anssi Kääriäinen 2a09404792 Reset password hashers cache on settings_changed. 2012-04-30 22:10:27 +03:00
Claude Paroz 596cb9c7e2 Replaced print statement by print function (forward compatibility syntax). 2012-04-30 20:45:03 +02:00
Claude Paroz 3904b74a3f Fixed #18013 -- Use the new 'as' syntax for exceptions.
Thanks Clueless for the initial patch.
Note that unittest has been purposely left out (external package only used by Python 2.6).
2012-04-29 20:57:15 +02:00