tschilling
0dcd549bbe
Fixed #30360 -- Added support for secret key rotation.
...
Thanks Florian Apolloner for the implementation idea.
Co-authored-by: Andreas Pelme <andreas@pelme.se>
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
Co-authored-by: Vuyisile Ndlovu <terrameijar@gmail.com>
2022-02-01 11:12:24 +01:00
Brad Solomon
b55ebe3241
Fixed #33443 -- Clarified when PasswordResetView sends an email.
2022-01-17 07:44:46 +01:00
Adam Johnson
652c68ffee
Clarified how contrib.auth picks a password hasher for verification.
2022-01-13 20:46:18 +01:00
David
cc8e771c64
Fixed malformed attribute directives in docs.
2022-01-05 08:11:13 +01:00
Florian Apolloner
968a3d01fa
Fixed CVE-2021-45115 -- Prevented DoS vector in UserAttributeSimilarityValidator.
...
Thanks Chris Bailey for the report.
Co-authored-by: Adam Johnson <me@adamj.eu>
2022-01-04 10:02:05 +01:00
Mariusz Felisiak
ad6bb20557
Avoided counting attributes and methods in docs.
2021-12-28 12:36:57 +01:00
Adam Johnson
b0d16d0129
Changed signatures of setting_changed signal receivers.
2021-12-17 13:07:04 +01:00
Adam Johnson
41329b9852
Improved wording in password validators docs and docstrings.
2021-12-13 18:53:07 +01:00
Mariusz Felisiak
fd881e8cd9
Refs #33207 -- Clarified that AUTH_USER_MODEL expects an app label.
2021-10-19 13:05:13 +02:00
Mariusz Felisiak
97237ad3fe
Removed versionadded/changed annotations for 3.2.
2021-09-20 21:23:01 +02:00
Andrew Northall
c23aa73626
Fixed #32964 -- Corrected 'setup'/'set up' usage in docs.
2021-08-17 12:18:07 +02:00
David Smith
1024b5e74a
Fixed 32956 -- Lowercased spelling of "web" and "web framework" where appropriate.
2021-07-29 06:24:12 +02:00
ryowright
1783b3cb24
Fixed #32275 -- Added scrypt password hasher.
...
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-07-22 12:40:33 +02:00
yyyyyyyan
e197dcca36
Clarified docs about increasing the work factor for bcrypt hasher.
2021-05-20 20:24:51 +02:00
Nick Pope
c156e36955
Refs #32720 -- Updated various links in docs to avoid redirects and use HTTPS.
2021-05-17 09:46:09 +02:00
ThinkChaos
b99d6c9cbc
Fixed #28216 -- Added next_page/get_default_redirect_url() to LoginView.
2021-02-08 21:08:05 +01:00
Mariusz Felisiak
59841170ba
Used .. attribute:: directive in authentication views docs.
2021-02-08 18:12:58 +01:00
Mariusz Felisiak
b7dd89ed53
Removed versionadded/changed annotations for 3.1.
2021-01-14 17:50:04 +01:00
Jon Moroney
76ae6ccf85
Fixed #31358 -- Increased salt entropy of password hashers.
...
Co-authored-by: Florian Apolloner <florian@apolloner.eu>
2021-01-14 11:20:28 +01:00
Timo Ludwig
d8dfff2ab0
Fixed #32235 -- Made ReadOnlyPasswordHashField disabled by default.
2020-12-03 09:32:08 +01:00
Roy Zheng
804f2b7024
Added note about password updates on argon2 attributes change.
2020-08-11 07:51:27 +02:00
Nick Pope
feb91dbda1
Used :mimetype: role in various docs.
2020-05-13 09:14:04 +02:00
Mariusz Felisiak
4c5236ef93
Removed versionadded/changed annotations for 3.0.
2020-05-13 09:07:51 +02:00
Mariusz Felisiak
54646a423b
Refs #27468 -- Made user sessions use SHA-256 algorithm.
2020-04-29 16:45:00 +02:00
François Freitag
9ef4a18dbe
Changed django.forms.ValidationError imports to django.core.exceptions.ValidationError.
...
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2020-04-28 10:49:00 +02:00
Mariusz Felisiak
ca769c8c13
Fixed #31505 -- Doc'd possible email addresses enumeration in PasswordResetView.
2020-04-27 18:06:11 +02:00
Tanmay Vijay
e43abbbd70
Doc'd PasswordChangeView/PasswordResetView.success_url defaults.
2020-04-24 08:21:51 +02:00
Mariusz Felisiak
69e2cd6fed
Fixed Sphinx warnings on duplicate object descriptions.
2020-04-07 09:48:52 +02:00
Hasan Ramezani
8aa71f4e87
Fixed #31375 -- Made contrib.auth.hashers.make_password() accept only bytes or strings.
2020-03-31 10:52:56 +02:00
Hasan Ramezani
b7795d7673
Fixed #30040 -- Used default permission name in docs examples to avoid confusion.
2020-02-19 15:39:47 +01:00
Jon Dufresne
85efc14a2e
Fixed #30948 -- Changed packaging to use declarative config in setup.cfg.
...
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
2019-11-08 14:14:13 +01:00
Mariusz Felisiak
416c584cab
Removed versionadded/changed annotations for 2.2.
2019-09-10 12:01:00 +02:00
Tobias Kunze
4a954cfd11
Fixed #30573 -- Rephrased documentation to avoid words that minimise the involved difficulty.
...
This patch does not remove all occurrences of the words in question.
Rather, I went through all of the occurrences of the words listed
below, and judged if they a) suggested the reader had some kind of
knowledge/experience, and b) if they added anything of value (including
tone of voice, etc). I left most of the words alone. I looked at the
following words:
- simply/simple
- easy/easier/easiest
- obvious
- just
- merely
- straightforward
- ridiculous
Thanks to Carlton Gibson for guidance on how to approach this issue, and
to Tim Bell for providing the idea. But the enormous lion's share of
thanks go to Adam Johnson for his patient and helpful review.
2019-09-06 13:27:46 +02:00
Berker Peksag
400ec5125e
Fixed #18763 -- Added ModelBackend/UserManager.with_perm() methods.
...
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
2019-08-29 19:32:12 +02:00
Carlton Gibson
fa7ffc6cb3
Removed unneeded * markers from parameter names.
2019-08-29 12:49:16 +02:00
daniel a rios
b5a5c92c72
Fixed #30066 -- Enabled super user creation without email and password
2019-08-29 12:49:16 +02:00
Hasan Ramezani
03dbdfd9bb
Fixed #29019 -- Added ManyToManyField support to REQUIRED_FIELDS.
2019-08-26 14:48:40 +02:00
Nuno
34a88b21da
Fixed #30620 -- Made an example of admin-compliant custom user app pep8 compliant.
2019-07-08 07:39:28 +02:00
swatantra
c13e3715f5
Fixed #28667 -- Clarified how to override list of forms fields for custom UserAdmin with a custom user model.
2019-07-04 08:05:20 +02:00
Mariusz Felisiak
9aeac29949
Removed unnecessary backslashes from docs.
2019-06-20 14:04:36 +02:00
Tobias Bengfort
581a0f4545
Refs #30226 -- Added User.get_user_permissions() method.
...
Added to mirror the existing User.get_group_permissions().
2019-06-05 13:56:37 +02:00
Tobias Bengfort
75337a6050
Fixed #30226 -- Added BaseBackend for authentication.
2019-06-05 13:39:46 +02:00
Mariusz Felisiak
8bdc7a6778
Doc'd that extra_email_context can be used to override default template context values in PasswordResetView.
2019-05-27 12:05:48 +02:00
Rob
58df8aa40f
Fixed #28780 -- Allowed specyfing a token parameter displayed in password reset URLs.
...
Co-authored-by: Tim Givois <tim.givois.mendez@gmail.com>
2019-05-24 08:40:25 +02:00
Tobias Kunze
eb16c7260e
Fixed #20629 -- Rephrased custom user models admonition.
2019-04-30 09:09:16 +02:00
Luke Plant
0c916255eb
Changed tuple Mate.unique_together/permissions to lists in docs.
2019-04-24 10:06:00 +02:00
Ramiro Morales
aed89adad5
Fixed #30367 -- Changed "pip install" to "python -m pip install" in docs, comments and hints.
2019-04-18 14:41:15 +02:00
Tim Graham
a68c029e22
Used extlinks for Django's source code.
2019-03-28 20:32:17 -04:00
Tobias Bengfort
632d4861dd
Clarified permission-related docs.
2019-02-28 15:27:15 +01:00
Mariusz Felisiak
25829197bb
Removed extra characters in docs header underlines.
2019-02-08 21:38:30 +01:00