olivierdalang
825f0beda8
Fixed #8936 -- Added a view permission and a read-only admin.
...
Co-authored-by: Petr Dlouhy <petr.dlouhy@email.cz>
Co-authored-by: Olivier Dalang <olivier.dalang@gmail.com>
2018-05-16 06:44:55 -04:00
Tim Graham
cae0107287
Increased the default PBKDF2 iterations for Django 2.1.
2018-05-13 20:06:20 -04:00
Claude Paroz
607970f31c
Replaced django.test.utils.patch_logger() with assertLogs().
...
Thanks Tim Graham for the review.
2018-05-07 09:34:00 -04:00
Nick Pope
df90e462d9
Fixed #29212 -- Doc'd redirect loop if @permission_required used with redirect_authenticated_user.
2018-04-19 10:21:24 -04:00
Mads Jensen
9c651641f1
Added additional AdminPasswordChangeForm tests.
2018-04-04 11:25:28 -04:00
Malte Gerth
874977d388
Fixed #29270 -- Fixed UserChangeForm crash if password field is excluded.
2018-03-29 15:25:54 -04:00
Abeer Upadhyay
1bf4646f91
Fixed #29258 -- Added type checking for login()'s backend argument.
2018-03-28 10:10:18 -04:00
Tim Graham
a4f0e9aec7
Fixed #28718 -- Allowed user to request a password reset if their password doesn't use an enabled hasher.
...
Regression in aeb1389442
.
Reverted changes to is_password_usable() from
703c266682
and documentation changes from
92f48680db
.
2018-03-22 10:03:43 -04:00
Mariusz Felisiak
362813d628
Fixed hanging indentation in various code.
2018-03-16 10:54:34 +01:00
Mattia Procopio
aeb8c38178
Fixed #29206 -- Fixed PasswordResetConfirmView crash when the URL contains a non-UUID where one is expected.
2018-03-15 21:33:15 -04:00
Christophe Mehay
40bac28faa
Fixed #29176 -- Fixed AbstractBaseUser.normalize_username() crash if username isn't a string.
2018-03-02 11:32:53 -05:00
Tim Graham
5b589a47b9
Fixed #29161 -- Removed BCryptPasswordHasher from PASSWORD_HASHERS.
2018-02-26 09:05:18 -05:00
Mikhail Porokhovnichenko
14e34dcf8c
Fixed #29132 -- Avoided connecting update_last_login() handler if User.last_login isn't a field.
2018-02-21 10:36:31 -05:00
Dylan Verheul
9b1125bfc7
Fixed #28379 -- Made AccessMixin raise Permissiondenied for authenticated users.
2018-02-16 13:58:55 -05:00
Tim Graham
fa75b2cb51
Refs #27795 -- Removed force_bytes/text() usage in tests.
2018-02-07 14:20:04 -05:00
Tim Graham
af33fb250e
Fixed CVE-2018-6188 -- Fixed information leakage in AuthenticationForm.
...
Reverted 359370a8b8
(refs #28645 ).
This is a security fix.
2018-02-01 09:05:14 -05:00
shanghui
3333d935d2
Fixed #28757 -- Allowed using contrib.auth forms without installing contrib.auth.
...
Also fixed #28608 -- Allowed UserCreationForm and UserChangeForm to
work with custom user models.
Thanks Sagar Chalise and Rômulo Collopy for reports, and Tim Graham
and Tim Martin for reviews.
2018-01-05 14:47:37 -05:00
Дилян Палаузов
d7b2aa24f7
Fixed #28982 -- Simplified code with and/or.
2018-01-03 20:12:23 -05:00
Tim Graham
acc8dd4142
Fixed #28984 -- Made assorted code simplifications.
2018-01-03 13:24:02 -05:00
Alvin Lindstam
2cb6b7732d
Fixed #28902 -- Fixed password_validators_help_text_html() double escaping.
2018-01-02 19:51:06 -05:00
shanghui
359370a8b8
Fixed #28645 -- Reallowed AuthenticationForm to raise the inactive user error when using ModelBackend.
...
Regression in e0a3d93730
.
Thanks Guilherme Junqueira for the report and Tim Graham for the review.
2017-11-08 09:39:12 -05:00
Дилян Палаузов
6c0042430e
Fixed #28776 -- Fixed a/an/and typos in docs and comments.
2017-11-06 22:41:03 -05:00
Tom
b81905bfd4
Fixed #28571 -- Added a prompt to bypass password validation in createsuperuser.
2017-11-03 20:00:08 -04:00
Tim Graham
872be5976d
Improved technique for matching input prompts in contrib.auth management tests.
2017-11-03 20:00:08 -04:00
Jon Dufresne
6ed347d851
Fixed #28706 -- Moved AuthenticationFormn invalid login ValidationError to a method for reuse.
2017-10-23 09:10:45 -04:00
Lucas Connors
5ceaf14686
Fixed #27515 -- Made AuthenticationForm's username field use the max_length from the model field.
...
Thanks Ramin Farajpour Cami for the report.
2017-10-20 11:13:26 -04:00
Lucas Connors
d233391208
Refs #19130 -- Added a test for AuthenticationForm.username max_length.
...
This will be a more useful regression test after refs #27515 .
2017-10-20 11:10:32 -04:00
Yuri Kaszubowski Lopes
d98210c255
Fixed #28713 -- Prevented ModelBackend.get_all_permissions() from mutating get_user_permissions().
2017-10-14 20:47:49 -04:00
Hasan Ramezani
6aec130a4c
Fixed #28591 -- Added an error message for createsuperuser --username= (blank).
2017-10-09 21:49:35 -04:00
Mads Jensen
3e72f4b7b6
Completed test coverage for BasePasswordHasher.
2017-09-29 09:28:25 -04:00
Mads Jensen
776f6902d9
Moved BasePasswordHasher tests to its own test case.
2017-09-29 09:28:24 -04:00
Mads Jensen
d917c17a3b
Completed test coverage for AnonymousUser.
2017-09-28 13:11:23 -04:00
Mads Jensen
7fce4dc5ff
Moved AnonymousUser tests to its own test case.
2017-09-28 13:11:07 -04:00
Mads Jensen
4803834aaa
Added a test for PermWrapper.__iter__().
2017-09-26 19:42:50 -04:00
Tim Graham
67a6ba391b
Reverted "Fixed #28248 -- Fixed password reset tokens being valid for 1 day longer than PASSWORD_RESET_TIMEOUT_DAYS."
...
This reverts commit 95993a89ce
.
2017-09-25 09:05:00 -04:00
Tim Graham
5e31be1b96
Refs #25187 -- Required the authenticate() method of authentication backends to have request as the first positional argument.
...
Per deprecation timeline.
2017-09-22 12:51:18 -04:00
Tim Graham
6e40b70bf4
Refs #26929 -- Removed extra_context parameter of contrib.auth.views.logout_then_login().
...
Per deprecation timeline.
2017-09-22 12:51:17 -04:00
Tim Graham
4f313e284e
Refs #17209 -- Removed login/logout and password reset/change function-based views.
...
Per deprecation timeline.
2017-09-22 12:51:17 -04:00
Luoxzhg
ffbee67f8e
Fixed some comments referring to a nonexistent TestClient class.
2017-09-09 11:21:15 -04:00
ZachLiuGIS
2dacc2ccd9
Fixed #28550 -- Restored contrib.auth's login() and logout() views' respect of positional arguments.
...
Regression in 78963495d0
.
Forwardport of f8e0557b01
from stable/1.11.x
2017-09-03 12:06:44 -04:00
François Freitag
18dd9ba481
Fixed test in auth_tests modifying data from setUpTestData().
2017-09-01 21:43:41 -04:00
hui shang
c0f4c60edd
Fixed #28513 -- Added POST request support to LogoutView.
2017-08-24 09:11:16 -04:00
Mads Jensen
a51c4de194
Used assertRaisesMessage() to test Django's error messages.
2017-07-29 19:07:23 -04:00
Andrew Pinkham
a96b981d84
Fixed #28127 -- Allowed UserCreationForm's password validation to check all user fields.
2017-06-21 09:22:15 -04:00
Chandrakant Kumar
2b09e4c88e
Fixed #27787 -- Made call_command() validate the options it receives.
2017-06-16 21:28:38 -04:00
Mikhail Golubev
e7dc39fb65
Fixed #28229 -- Fixed the value of LoginView's "next" template variable.
2017-06-13 09:13:22 -04:00
Jon Dufresne
2c69824e5a
Refs #23968 -- Removed unnecessary lists, generators, and tuple calls.
2017-06-01 19:08:59 -04:00
Linus Lewandowski
eedc88bd4a
Fixed #26823 -- Prevented update_last_login signal receiver from crashing if User model doesn't have last_login field.
2017-05-29 17:31:18 -04:00
Nick Zaccardi
95993a89ce
Fixed #28248 -- Fixed password reset tokens being valid for 1 day longer than PASSWORD_RESET_TIMEOUT_DAYS.
2017-05-29 09:22:22 -04:00
jannh
c930c241f8
Fixed #28017 -- Allowed customizing PasswordResetTokenGenerator's secret.
2017-05-26 07:37:36 -04:00