Commit Graph

9 Commits

Author SHA1 Message Date
Florian Apolloner f4e6e02f77 [1.8.x] Fixed CVE-2016-2513 -- Fixed user enumeration timing attack during login.
This is a security fix.
2016-02-29 08:07:17 -05:00
Josh Soref 751e5fcaf7 [1.8.x] Fixed many spelling mistakes in code, comments, and docs.
Partial backport of 93452a70e8 from master
2016-02-23 10:27:15 -05:00
Tim Graham ae1d663b79 [1.8.x] Renamed RemovedInDjango20Warning to RemovedInDjango110Warning. 2015-06-23 07:22:16 -04:00
Tim Graham 259259a819 [1.8.x] Isolated auth_tests from contenttypes_tests; refs #11505.
Backport of e0b3926026 from master
2015-02-14 22:36:49 -05:00
Tim Graham 2347f3267f [1.8.x] Fixed #24315 -- Fixed auth.views.password_reset_confirm() with a UUID user.
Backport of 002425fe39 from master
2015-02-13 09:57:44 -05:00
Tim Graham 8fc4840289 [1.8.x] Fixed #24334 -- Allowed admin password reset to work with non-digit custom user model primary key.
Thanks Loic for help and Simon for review.

Backport of fdf20093e0 from master
2015-02-13 09:50:55 -05:00
Tim Graham 596564e808 [1.8.x] Fixed #24161 -- Stored the user primary key as a serialized value in the session.
This allows using a UUIDField primary key along with the JSON session
serializer.

Thanks to Trac alias jamesbeith for the report and Simon Charette
for the initial patch.

Backport of 0f7f5bc9e7 from master
2015-02-12 07:40:14 -05:00
Tim Graham 2482c9dd24 [1.8.x] Moved non-documented auth test models to the new test location.
Backport of 5ab327a389 from master
2015-02-11 12:03:03 -05:00
Tim Graham e55d888b66 [1.8.x] Moved contrib.auth tests out of contrib.
Backport of 2d7aca3da0 from master
2015-02-11 12:02:35 -05:00