1
0
mirror of https://github.com/django/django.git synced 2025-10-24 06:06:09 +00:00
Commit Graph

361 Commits

Author SHA1 Message Date
Krzysztof Gogolewski
d02a03d574 Fixed #24370 -- Recommended starting with a custom user model. 2016-11-23 14:43:17 -05:00
Tim Graham
0d9ff873d9 Fixed #27467 -- Made UserAttributeSimilarityValidator max_similarity=0/1 work as documented.
Thanks goblinJoel for the report and feedback.
2016-11-16 17:40:37 -05:00
Jon Dufresne
f3ea0c4bbd Reverted "Fixed #26401 -- Added BaseAuthConfig to use auth without migrations."
This reverts commit 1ec1633cb2 as it
doesn't handle ContentType's auth.Permission dependency. Thus, it
doesn't allow auth without migrations.
2016-10-25 17:32:59 -07:00
Markus Holtermann
b5fc192b99 Fixed #27352 -- Doc'd social media fingerprinting consideration with login's redirect_authenticated_user. 2016-10-18 11:37:56 -04:00
Tim Graham
e262f00231 Fixed #27292 -- Removed unnecessary password assignment in auth backend example. 2016-10-04 14:02:06 -04:00
Lewis Cowles
1d25eb9688 Fixed #27294 -- Documented UserCreationForm's fields. 2016-09-30 13:56:53 -04:00
levental
617e36dc1e Fixed #20705 -- Allowed using PasswordResetForm with user models with an email field not named 'email'. 2016-09-27 11:59:00 -04:00
Berker Peksag
0a6ed6b1d9 Simplified has_perm() example in topics/auth/customizing.txt. 2016-09-23 15:28:32 -04:00
aruseni
cdde2eac5b Fixed a typo in docs/topics/auth/default.txt. 2016-09-17 20:09:15 -04:00
Aleksej Manaev
4b9330ccc0 Fixed #25187 -- Made request available in authentication backends. 2016-09-12 20:11:53 -04:00
Jon Dufresne
1ec1633cb2 Fixed #26401 -- Added BaseAuthConfig to use auth without migrations. 2016-09-10 16:38:05 -07:00
Jon Dufresne
66e1ebbffc Fixed #26956 -- Added success_url_allowed_hosts to LoginView and LogoutView.
Allows specifying additional hosts to redirect after login and log out.
2016-09-07 19:56:25 -07:00
Tim Graham
9f27735612 Fixed #27013 -- Clarified commands to install argon2/bcrypt packages. 2016-08-19 19:23:12 -04:00
Tim Graham
7549eb0004 Fixed #27009 -- Made update_session_auth_hash() rotate the session key. 2016-08-15 19:29:12 -04:00
Tim Graham
4c2a6fe75b Clarified session verification with respect to the current session. 2016-08-11 12:08:50 -04:00
an0o0nym
c412aaca73 Fixed #26957 -- Corrected authenticate() docs regarding User.is_active. 2016-08-10 19:52:01 -04:00
Tim Graham
796cc62026 Fixed #27045 -- Documented that AUTH_PASSWORD_VALIDATORS aren't applied at the model level. 2016-08-10 15:52:16 -04:00
jordij
0814566bf1 Fixed #26960 -- Added PasswordResetConfirmView option to automatically log in after a reset. 2016-08-10 10:23:16 -04:00
Andrew Nester
0ba179194b Fixed #26929 -- Deprecated extra_context parameter of contrib.auth.views.logout_then_login(). 2016-07-28 11:57:02 -04:00
Tim Graham
412b4126d7 Removed a blank line per isort and a trailing whitespace. 2016-07-28 11:56:25 -04:00
Claude Paroz
255fb99284 Fixed #17209 -- Added password reset/change class-based views
Thanks Tim Graham for the review.
2016-07-16 10:36:12 +02:00
Jiang Haiyun
6d61ec0e1a Fixed a typo in auth docs. 2016-07-04 11:02:11 -04:00
Ramiro Morales
c962b9104a Added missing trailing '$' to url() patterns in docs. 2016-06-27 09:18:44 -04:00
Bang Dao + Tam Huynh
09119dff14 Fixed #26719 -- Normalized email in AbstractUser.clean(). 2016-06-24 10:37:38 -04:00
Claude Paroz
78963495d0 Refs #17209 -- Added LoginView and LogoutView class-based views
Thanks Tim Graham for the review.
2016-06-24 10:45:13 +02:00
Tim Graham
39805686b3 Refs #21379, #26719 -- Moved username normalization to AbstractBaseUser.
Thanks Huynh Thanh Tam for the initial patch and Claude Paroz for review.
2016-06-21 16:19:37 -04:00
Ville Skyttä
96f97691ad Fixed broken links in docs and comments. 2016-06-15 21:20:23 -04:00
Ed Henderson
4a4d7f980e Fixed #26021 -- Applied hanging indentation to docs. 2016-06-03 11:44:34 -04:00
Bas Westerbaan
9407cc966b Fixed #26635 -- Clarified Argon2PasswordHasher's memory_cost differs from command line utility. 2016-05-27 18:37:12 -04:00
Tim Graham
46a38307c2 Removed versionadded/changed annotations for 1.9. 2016-05-20 11:44:29 -04:00
Florian Apolloner
9baf692a58 Fixed #26601 -- Improved middleware per DEP 0005.
Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP.
2016-05-17 07:22:22 -04:00
Claude Paroz
9935f97cd2 Refs #21379 -- Normalized unicode username inputs 2016-05-16 19:38:02 +02:00
Tim Graham
5238af3257 Used 'classmethod' annotation in docs/topics/auth/customizing.txt 2016-05-14 18:58:09 -04:00
Tim Graham
2c4c67af94 Fixed #26514 -- Documented that User.refresh_from_db() doesn't clear the permission cache. 2016-04-18 09:02:56 -04:00
Jeremy Lainé
c1aec0feda Fixed #25847 -- Made User.is_(anonymous|authenticated) properties. 2016-04-09 14:54:18 -04:00
Alexander Gaevsky
e0a3d93730 Fixed #25232 -- Made ModelBackend/RemoteUserBackend reject inactive users. 2016-03-23 09:01:48 -04:00
Tim Graham
c41737dc00 Fixed #26392 -- Corrected login_required/permission_required stacking example. 2016-03-21 19:56:15 -04:00
Bas Westerbaan
b4250ea04a Fixed #26033 -- Added Argon2 password hasher. 2016-03-08 11:22:18 -05:00
Florian Apolloner
67b46ba701 Fixed CVE-2016-2513 -- Fixed user enumeration timing attack during login.
This is a security fix.
2016-03-01 11:25:28 -05:00
Olivier Le Thanh Duong
10781b4c6f Fixed #12233 -- Allowed redirecting authenticated users away from the login view.
contrib.auth.views.login() has a new parameter `redirect_authenticated_user`
to automatically redirect authenticated users visiting the login page.

Thanks to dmathieu and Alex Buchanan for the original code and to Carl Meyer
for the help and review.
2016-02-25 07:18:33 -05:00
Tim Graham
441c537b66 Fixed a function signature in docs/topics/auth/default.txt. 2016-02-24 16:24:33 -05:00
Tim Graham
47b5a6a43c Fixed #26187 -- Removed weak password hashers from PASSWORD_HASHERS. 2016-02-22 18:59:23 -05:00
Markus Holtermann
b14470c7b7 Fixed spelling error 2016-02-23 10:24:38 +11:00
Tim Graham
5a541e2e6c Fixed #26188 -- Documented how to wrap password hashers. 2016-02-22 17:21:45 -05:00
Daniel Quinn
de7edc005f Fixed import location of check_password() in docs. 2016-02-22 12:42:47 -05:00
Berker Peksag
f0425c7260 Refs #19353 -- Added tests for using custom user models with built-in auth forms.
Also updated topics/auth/customizing.txt to reflect that subclasses of
UserCreationForm and UserChangeForm can be used with custom user models.

Thanks Baptiste Mispelon for the initial documentation.
2016-02-17 10:26:07 -05:00
Hugo Osvaldo Barrera
dcee1dfc79 Fixed #12405 -- Added LOGOUT_REDIRECT_URL setting.
After a user logs out via auth.views.logout(), they're redirected
to LOGOUT_REDIRECT_URL if no `next_page` argument is provided.
2016-02-04 10:35:37 -05:00
Tim Graham
1e9150443e Refs #26089 -- Removed obsolete docs about custom user model testing. 2016-02-02 08:12:08 -05:00
Tim Graham
8ce8beb3f2 Unified some doc links to OneToOneField and ManyToManyField. 2016-02-01 11:02:26 -05:00
rowanv
a6ef025dfb Fixed #26124 -- Added missing code formatting to docs headers. 2016-02-01 10:42:05 -05:00