mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-10-31 09:41:08 +00:00
Code Issues 32 Releases Wiki Activity
24,114 Commits 30 Branches 460 Tags
5b450b84e14f42302f58ec1f15a67a368e64d85c
Commit Graph

38 Commits

Author SHA1 Message Date
Mikhail Golubev
16431b03f8 [1.11.x] Fixed #28229 -- Fixed the value of LoginView's "next" template variable. 
Backport of e7dc39fb65 from master
 2017-06-13 09:19:11 -04:00
Camilo Nova
33d2c53fb1 [1.11.x] Fixed #27891 -- Added PasswordResetConfirmView.post_reset_login_backend. 
Backport of 5db465d5a6 from master
 2017-03-07 19:54:23 -05:00
Markus Holtermann
f5ff5be2c1 [1.11.x] Fixed #27840 -- Fixed KeyError in PasswordResetConfirmView.form_valid(). 
When a user is already logged in when submitting the password and
password confirmation to reset a password, a KeyError occurred while
removing the reset session token from the session.

Refs #17209

Thanks Quentin Marlats for the report and Florian Apolloner and Tim
Graham for the review.
 2017-02-15 00:38:57 +01:00
Zoltan Gyarmati
f94e1a5de4 [1.11.x] Fixed #27815 -- Made LoginView pass the request kwarg to AuthenticationForm. 
Backport of 41ba27fefd from master
 2017-02-07 09:42:21 -05:00
Romain Garrigues
ede59ef6f3 Fixed #27518 -- Prevented possibie password reset token leak via HTTP Referer header. 
Thanks Florian Apolloner for contributing to this patch and
Collin Anderson, Markus Holtermann, and Tim Graham for review.
 2017-01-13 09:17:54 -05:00
Florian Apolloner
51eaff6d35 Refs #17209 -- Fixed token verification for PasswordResetConfirmView POST requests. 2016-11-21 13:42:25 -05:00
za
321e94fa41 Refs #27392 -- Removed "Tests that", "Ensures that", etc. from test docstrings. 2016-11-10 21:30:21 -05:00
Tim Graham
20be1918e7 Simplified some auth_tests with assertRedirects(). 2016-10-28 11:52:52 -04:00
Jon Dufresne
66e1ebbffc Fixed #26956 -- Added success_url_allowed_hosts to LoginView and LogoutView. 
Allows specifying additional hosts to redirect after login and log out.
 2016-09-07 19:56:25 -07:00
Przemysław Suliga
549b90fab3 Refs #26902 -- Protected against insecure redirects in Login/LogoutView. 2016-08-19 19:01:01 -04:00
Tim Graham
13857b45ca Removed unused 'password' parameter in auth_tests. 2016-08-18 19:01:28 -04:00
Tim Graham
7549eb0004 Fixed #27009 -- Made update_session_auth_hash() rotate the session key. 2016-08-15 19:29:12 -04:00
jordij
0814566bf1 Fixed #26960 -- Added PasswordResetConfirmView option to automatically log in after a reset. 2016-08-10 10:23:16 -04:00
Andrew Nester
0ba179194b Fixed #26929 -- Deprecated extra_context parameter of contrib.auth.views.logout_then_login(). 2016-07-28 11:57:02 -04:00
Andrew Nester
dde6288fbe Fixed #26882 -- Added tests for auth.views.logout_then_login(). 2016-07-22 15:04:13 -04:00
Claude Paroz
78963495d0 Refs #17209 -- Added LoginView and LogoutView class-based views 
Thanks Tim Graham for the review.
 2016-06-24 10:45:13 +02:00
Tim Graham
92053acbb9 Fixed E128 flake8 warnings in tests/. 2016-04-08 10:12:33 -04:00
Olivier Le Thanh Duong
10781b4c6f Fixed #12233 -- Allowed redirecting authenticated users away from the login view. 
contrib.auth.views.login() has a new parameter `redirect_authenticated_user`
to automatically redirect authenticated users visiting the login page.

Thanks to dmathieu and Alex Buchanan for the original code and to Carl Meyer
for the help and review.
 2016-02-25 07:18:33 -05:00
Jon Dufresne
fcd08c1757 Fixed #11665 -- Made TestCase check deferrable constraints after each test. 2016-02-13 06:53:39 -05:00
Tim Graham
015fad9060 Fixed #26175 -- Removed SHA1 password hashes in tests. 2016-02-06 08:47:21 -05:00
Simon Charette
6eb3ce11e4 Fixed #26089 -- Removed custom user test models from public API. 
Thanks to Tim Graham for the review.
 2016-02-04 12:30:34 -05:00
Hugo Osvaldo Barrera
dcee1dfc79 Fixed #12405 -- Added LOGOUT_REDIRECT_URL setting. 
After a user logs out via auth.views.logout(), they're redirected
to LOGOUT_REDIRECT_URL if no `next_page` argument is provided.
 2016-02-04 10:35:37 -05:00
Claude Paroz
cf7894be88 Fixed #21113 -- Made LogEntry.change_message language independent 
Thanks Tim Graham for the review.
 2016-01-08 20:34:59 +01:00
Marten Kenbeek
16411b8400 Fixed #26013 -- Moved django.core.urlresolvers to django.urls. 
Thanks to Tim Graham for the review.
 2015-12-31 14:21:29 -05:00
Josh Soref
93452a70e8 Fixed many spelling mistakes in code, comments, and docs. 2015-12-03 12:48:24 -05:00
Tim Graham
5acf203db2 Fixed #25596 -- Fixed regression in password change view with custom user model. 
The reverse() added in 50aa1a790c
crashed on a custom user model.
 2015-10-27 08:18:22 -04:00
Kaleb Elwert
adcf823359 Fixed #25490 -- Made the logout() view send "no-cache" headers. 2015-10-02 12:29:54 -04:00
Tim Graham
849037af36 Refs #23957 -- Required session verification per deprecation timeline. 2015-09-23 19:31:10 -04:00
Tim Graham
f1761e3fef Refs #21648 -- Removed is_admin_site option from password_reset() view. 
Per deprecation timeline.
 2015-09-23 19:31:10 -04:00
sujayskumar
d8d853378b Fixed #24944 -- Added extra_email_context parameter to password_reset() view. 2015-09-18 18:56:04 -04:00
Tim Graham
aaacaeb096 Renamed RemovedInDjangoXYWarnings for new roadmap. 
Forwardport of ae1d663b79
from stable/1.8.x plus more.
 2015-06-24 16:08:20 -04:00
Jay Cox
eef95ea96f Fixed #24696 -- Made CSRF_COOKIE computation lazy. 
Only compute the CSRF_COOKIE when it is actually used. This is a
significant speedup for clients not using cookies.

Changed result of the “test_token_node_no_csrf_cookie” test:  It gets
a valid CSRF token now which seems like the correct behavior.

Changed auth_tests.test_views.LoginTest.test_login_csrf_rotate to
use get_token() to trigger CSRF cookie inclusion instead of changing
request.META["CSRF_COOKIE_USED"] directly.
 2015-05-02 19:45:14 -04:00
Claude Paroz
c2bfd76ec3 Refs #15779 -- Fixed UserChangeForm regression introduced by 1791a7e75 
Thanks Tim Graham for reporting the regression.
 2015-03-28 09:24:01 +01:00
Josh Smeaton
39a7eed1bb Converted test fixtures to setUpTestData methods 2015-03-05 10:10:32 +11:00
Tim Graham
002425fe39 Fixed #24315 -- Fixed auth.views.password_reset_confirm() with a UUID user. 2015-02-13 09:56:31 -05:00
Tim Graham
fdf20093e0 Fixed #24334 -- Allowed admin password reset to work with non-digit custom user model primary key. 
Thanks Loic for help and Simon for review.
 2015-02-13 09:42:49 -05:00
Tim Graham
5ab327a389 Moved non-documented auth test models to the new test location. 2015-02-11 10:29:48 -05:00
Tim Graham
2d7aca3da0 Moved contrib.auth tests out of contrib. 2015-02-11 10:19:22 -05:00