innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
django1/django/contrib/auth
History
Malcolm Tredinnick 97a7dab2b1 Fixed #6941 -- When logging a user out, or when logging in with an existing 
session and a different user id to the current session owner, flush the session
data to avoid leakage. Logging in and moving from an anonymous user to a
validated user still keeps existing session data.

Backwards incompatible if you were assuming sessions persisted past logout.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@8343 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 		2008-08-14 03:58:00 +00:00
..
fixtures Refs #7521 -- Re-reverted [7716] (originally reverted in [7726]), now modified to use the new TestCase urlpattern framework. 2008-06-30 13:11:12 +00:00
handlers Small change to modpython auth handler to support Apache 2.2 2007-09-15 18:36:31 +00:00
management Major refactoring of django.dispatch with an eye towards speed. The net result is that signals are up to 90% faster. 2008-08-06 15:32:46 +00:00
tests Fixed #7723 - implemented a secure password reset form that uses a token and prompts user for new password. 2008-07-31 20:47:53 +00:00
__init__.py Fixed #6941 -- When logging a user out, or when logging in with an existing 2008-08-14 03:58:00 +00:00
admin.py Fixed #8202 -- Moved user_change_password to UserAdmin. This enables seamless integration of a custom UserAdmin. Thanks ElliottM for catching this. 2008-08-10 09:43:48 +00:00
backends.py Fixed a long and complex line by breaking into a for loop, with the added benefit that the method will now exit as soon as a matching 2008-07-02 05:05:50 +00:00
create_superuser.py Fixed #7392 -- Corrected a typo in the backwards-compatibility layer to the new createsuperuser command. 2008-06-08 08:45:14 +00:00
decorators.py Fixed #7847 -- Removed a whole bunch of unused imports from throughout the codebase. Thanks, julien 2008-07-22 03:24:09 +00:00
forms.py Cleaned up whitespace 2008-08-05 16:36:20 +00:00
middleware.py Fixed #2702 -- Fixed LazyUser to store cache as attribute of request, not class. Thanks for the patch, jkocherhans 2006-09-12 17:30:47 +00:00
models.py Fixed #8226 -- Fixed a Python 2.3 incompatibility in a unicode string substitution, thanks nfg. 2008-08-11 15:13:00 +00:00
tokens.py Fixed #7919 -- md5 and sha modules are deprecated since Python 2.5, use hashlib module when available. Patch from Karen Tracey. 2008-08-02 05:56:57 +00:00
urls.py Changed some URL conf regexes to rawstrings for consistency 2008-08-01 16:18:24 +00:00
views.py Fixed #8131: use reverse() in auth views. Patch from davenaff. 2008-08-12 23:31:31 +00:00