Tim Graham
f945fb24a3
Fixed #26554 -- Updated docs URLs to readthedocs.io
2016-04-28 10:09:57 -04:00
Bas Westerbaan
a5033dbc58
Refs #26033 -- Added password hasher support for Argon2 v1.3.
...
The previous version of Argon2 uses encoded hashes of the form:
$argon2d$m=8,t=1,p=1$<salt>$<data>
The new version of Argon2 adds its version into the hash:
$argon2d$v=19$m=8,t=1,p=1$<salt>$<data>
This lets Django handle both version properly.
2016-04-25 21:17:53 -04:00
Jeremy Lainé
c1aec0feda
Fixed #25847 -- Made User.is_(anonymous|authenticated) properties.
2016-04-09 14:54:18 -04:00
Tim Graham
92053acbb9
Fixed E128 flake8 warnings in tests/.
2016-04-08 10:12:33 -04:00
Simon Charette
a872194802
Fixed #26470 -- Converted auth permission validation to system checks.
...
Thanks Tim for the review.
2016-04-06 22:40:43 -04:00
Simon Charette
fc34be896d
Extracted auth checks tests into their own module.
2016-04-06 22:40:43 -04:00
Alexander Gaevsky
e0a3d93730
Fixed #25232 -- Made ModelBackend/RemoteUserBackend reject inactive users.
2016-03-23 09:01:48 -04:00
Tim Graham
1243fdf5cb
Fixed #26395 -- Skipped the CryptPasswordHasher tests on platforms with a dummy crypt module.
2016-03-22 11:22:21 -04:00
Berker Peksag
efa9539787
Fixed #26381 -- Made UserCreationForm reusable with custom user models that define USERNAME_FIELD.
2016-03-21 12:32:42 -04:00
Vincenzo Pandolfo
d0fe6c9156
Fixed #26334 -- Removed whitespace stripping from contrib.auth password fields.
2016-03-14 20:20:24 -04:00
ieatkittens
ab8af342b1
Fixed #26343 -- Sent user_login_failed signal if an auth backend raises PermissionDenied.
2016-03-12 16:44:39 -05:00
Tim Graham
5ca045cd25
Moved createsuperuser test app into auth_tests.
2016-03-08 13:06:58 -05:00
Bas Westerbaan
b4250ea04a
Fixed #26033 -- Added Argon2 password hasher.
2016-03-08 11:22:18 -05:00
Jon Dufresne
4115288b4f
Fixed #26315 -- Allowed call_command() to accept a Command object as the first argument.
2016-03-05 13:05:10 -05:00
Jon Dufresne
8d3fcfa39e
Cleaned up tests to use call_command() instead of Command.execute().
2016-03-05 12:59:30 -05:00
Alasdair Nicol
8c42cf0cbd
Fixed #26303 -- Updated links to mod_wsgi docs.
2016-03-01 19:22:32 -05:00
Florian Apolloner
67b46ba701
Fixed CVE-2016-2513 -- Fixed user enumeration timing attack during login.
...
This is a security fix.
2016-03-01 11:25:28 -05:00
Jon Dufresne
eac1423f9e
Removed obsolete test CreatesuperuserManagementCommandTestCase.test_nolocale.
...
Test was added in 4c934f3921
to verify that
the commend works when locale.getdefaultlocale() doesn't return a locale.
getdefaultlocale() no longer runs at runtime, so the test isn't needed.
2016-02-29 08:46:37 -05:00
Olivier Le Thanh Duong
10781b4c6f
Fixed #12233 -- Allowed redirecting authenticated users away from the login view.
...
contrib.auth.views.login() has a new parameter `redirect_authenticated_user`
to automatically redirect authenticated users visiting the login page.
Thanks to dmathieu and Alex Buchanan for the original code and to Carl Meyer
for the help and review.
2016-02-25 07:18:33 -05:00
Tim Graham
c62807968d
Fixed a stray __unicode__() method in auth_tests.
2016-02-23 13:20:50 -05:00
Tim Graham
47b5a6a43c
Fixed #26187 -- Removed weak password hashers from PASSWORD_HASHERS.
2016-02-22 18:59:23 -05:00
Berker Peksag
f0425c7260
Refs #19353 -- Added tests for using custom user models with built-in auth forms.
...
Also updated topics/auth/customizing.txt to reflect that subclasses of
UserCreationForm and UserChangeForm can be used with custom user models.
Thanks Baptiste Mispelon for the initial documentation.
2016-02-17 10:26:07 -05:00
Jon Dufresne
fcd08c1757
Fixed #11665 -- Made TestCase check deferrable constraints after each test.
2016-02-13 06:53:39 -05:00
Tim Graham
004ba0f99e
Removed unneeded hint=None/obj=None in system check messages.
2016-02-12 13:01:25 -05:00
Tim Graham
015fad9060
Fixed #26175 -- Removed SHA1 password hashes in tests.
2016-02-06 08:47:21 -05:00
Simon Charette
6eb3ce11e4
Fixed #26089 -- Removed custom user test models from public API.
...
Thanks to Tim Graham for the review.
2016-02-04 12:30:34 -05:00
Hugo Osvaldo Barrera
dcee1dfc79
Fixed #12405 -- Added LOGOUT_REDIRECT_URL setting.
...
After a user logs out via auth.views.logout(), they're redirected
to LOGOUT_REDIRECT_URL if no `next_page` argument is provided.
2016-02-04 10:35:37 -05:00
Hasan
26ad01719d
Refs #26022 -- Replaced six.assertRaisesRegex with assertRaisesMessage as appropriate.
2016-01-29 13:37:33 -05:00
Hasan
253adc2b8a
Refs #26022 -- Used context manager version of assertRaisesMessage in tests.
2016-01-29 13:03:39 -05:00
Hasan
3d0dcd7f5a
Refs #26022 -- Used context manager version of assertRaises in tests.
2016-01-29 12:32:18 -05:00
Claude Paroz
cf7894be88
Fixed #21113 -- Made LogEntry.change_message language independent
...
Thanks Tim Graham for the review.
2016-01-08 20:34:59 +01:00
Paulo Poiati
b643386668
Fixed #24855 -- Allowed using contrib.auth.login() without credentials.
...
Added an optional `backend` argument to login().
2016-01-07 08:56:07 -05:00
Simon Charette
a08fda2111
Fixed #25746 -- Isolated inlined test models registration.
...
Thanks to Tim for the review.
2016-01-06 20:00:07 -05:00
Simon Charette
3096f4b082
Imported required models directly in auth management tests.
2016-01-06 20:00:07 -05:00
Marten Kenbeek
16411b8400
Fixed #26013 -- Moved django.core.urlresolvers to django.urls.
...
Thanks to Tim Graham for the review.
2015-12-31 14:21:29 -05:00
Josh Soref
93452a70e8
Fixed many spelling mistakes in code, comments, and docs.
2015-12-03 12:48:24 -05:00
Tim Graham
9350616211
Removed explicit User ids in tests.
2015-11-24 09:59:20 -05:00
Tim Graham
590b8c1c57
Removed unnecessary app_label='auth' on auth_tests models.
...
This is a relic of when the tests were stored in contrib.auth.tests.
2015-10-27 08:19:45 -04:00
Tim Graham
5acf203db2
Fixed #25596 -- Fixed regression in password change view with custom user model.
...
The reverse() added in 50aa1a790c
crashed on a custom user model.
2015-10-27 08:18:22 -04:00
Kaleb Elwert
adcf823359
Fixed #25490 -- Made the logout() view send "no-cache" headers.
2015-10-02 12:29:54 -04:00
Antoine Catton
53ccffdb8c
Refs #16860 -- Fixed password help text when there aren't any validators.
...
This avoids creating an empty list which is invalid HTML 4.
2015-09-28 15:30:16 -04:00
Tzu-ping Chung
7372cdebed
Fixed #25457 -- Improved formatting of password validation errors in management command output.
2015-09-24 19:45:19 -04:00
Tim Graham
593c9eb660
Increased the default PBKDF2 iterations for the 1.10 release cycle.
2015-09-23 19:31:11 -04:00
Tim Graham
849037af36
Refs #23957 -- Required session verification per deprecation timeline.
2015-09-23 19:31:10 -04:00
Tim Graham
f1761e3fef
Refs #21648 -- Removed is_admin_site option from password_reset() view.
...
Per deprecation timeline.
2015-09-23 19:31:10 -04:00
Claude Paroz
8dc3ba5ceb
Removed obsolete supports_* auth backend attributes in tests
2015-09-20 12:16:28 +02:00
Tim Graham
c21410aeeb
Fixed typo in "pbkdf2" test names.
2015-09-19 20:44:37 -04:00
sujayskumar
d8d853378b
Fixed #24944 -- Added extra_email_context parameter to password_reset() view.
2015-09-18 18:56:04 -04:00
Dražen Odobašić
b1e33ceced
Fixed #23395 -- Limited line lengths to 119 characters.
2015-09-12 11:40:50 -04:00
David Gibbons
39b55537ec
Added two more tests for user-entered passwords when creating a superuser.
2015-08-18 16:22:14 -04:00