0
0
mirror of https://github.com/django/django.git synced 2024-12-01 15:42:04 +01:00
Commit Graph

334 Commits

Author SHA1 Message Date
Mads Jensen
d917c17a3b Completed test coverage for AnonymousUser. 2017-09-28 13:11:23 -04:00
Mads Jensen
7fce4dc5ff Moved AnonymousUser tests to its own test case. 2017-09-28 13:11:07 -04:00
Mads Jensen
4803834aaa Added a test for PermWrapper.__iter__(). 2017-09-26 19:42:50 -04:00
Tim Graham
67a6ba391b Reverted "Fixed #28248 -- Fixed password reset tokens being valid for 1 day longer than PASSWORD_RESET_TIMEOUT_DAYS."
This reverts commit 95993a89ce.
2017-09-25 09:05:00 -04:00
Tim Graham
5e31be1b96 Refs #25187 -- Required the authenticate() method of authentication backends to have request as the first positional argument.
Per deprecation timeline.
2017-09-22 12:51:18 -04:00
Tim Graham
6e40b70bf4 Refs #26929 -- Removed extra_context parameter of contrib.auth.views.logout_then_login().
Per deprecation timeline.
2017-09-22 12:51:17 -04:00
Tim Graham
4f313e284e Refs #17209 -- Removed login/logout and password reset/change function-based views.
Per deprecation timeline.
2017-09-22 12:51:17 -04:00
Luoxzhg
ffbee67f8e Fixed some comments referring to a nonexistent TestClient class. 2017-09-09 11:21:15 -04:00
ZachLiuGIS
2dacc2ccd9 Fixed #28550 -- Restored contrib.auth's login() and logout() views' respect of positional arguments.
Regression in 78963495d0.

Forwardport of f8e0557b01 from stable/1.11.x
2017-09-03 12:06:44 -04:00
François Freitag
18dd9ba481 Fixed test in auth_tests modifying data from setUpTestData(). 2017-09-01 21:43:41 -04:00
hui shang
c0f4c60edd Fixed #28513 -- Added POST request support to LogoutView. 2017-08-24 09:11:16 -04:00
Mads Jensen
a51c4de194 Used assertRaisesMessage() to test Django's error messages. 2017-07-29 19:07:23 -04:00
Andrew Pinkham
a96b981d84 Fixed #28127 -- Allowed UserCreationForm's password validation to check all user fields. 2017-06-21 09:22:15 -04:00
Chandrakant Kumar
2b09e4c88e Fixed #27787 -- Made call_command() validate the options it receives. 2017-06-16 21:28:38 -04:00
Mikhail Golubev
e7dc39fb65 Fixed #28229 -- Fixed the value of LoginView's "next" template variable. 2017-06-13 09:13:22 -04:00
Jon Dufresne
2c69824e5a Refs #23968 -- Removed unnecessary lists, generators, and tuple calls. 2017-06-01 19:08:59 -04:00
Linus Lewandowski
eedc88bd4a Fixed #26823 -- Prevented update_last_login signal receiver from crashing if User model doesn't have last_login field. 2017-05-29 17:31:18 -04:00
Nick Zaccardi
95993a89ce Fixed #28248 -- Fixed password reset tokens being valid for 1 day longer than PASSWORD_RESET_TIMEOUT_DAYS. 2017-05-29 09:22:22 -04:00
jannh
c930c241f8 Fixed #28017 -- Allowed customizing PasswordResetTokenGenerator's secret. 2017-05-26 07:37:36 -04:00
Bruno Alla
6092ea8fa6 Refs #27804 -- Used subTest() in several tests. 2017-05-24 08:36:34 -04:00
Daniel Hahler
a3ba2662cd Refs #28207 -- Fixed contrib.auth.authenticate() if 'backend' is in the credentials.
Regression in 3008f30f19.
2017-05-22 12:24:38 -04:00
Tamas Szabo
3008f30f19 Fixed #28207 -- Fixed contrib.auth.authenticate() if multiple auth backends don't accept a request. 2017-05-15 07:48:15 -04:00
Sławek Ehlert
faaf62f616 Improved test coverage for createsuperuser command. 2017-05-12 10:29:56 -04:00
Josh Schneier
5df0ff4155 Fixed #28089 -- Removed requirement to implement get_short_name() and get_full_name() in AbstractBaseUser subclasses. 2017-05-06 17:05:42 -04:00
Tim Graham
dff559ff83 Fixed #28097 -- Fixed layout of ReadOnlyPasswordHashWidget. 2017-04-19 12:59:30 -04:00
Tim Graham
d4d79d0f20 Refs #27025 -- Fixed "invalid escape sequence" warning in auth_tests on Python 3.6. 2017-04-02 20:02:55 -04:00
Camilo Nova
5db465d5a6 Fixed #27891 -- Added PasswordResetConfirmView.post_reset_login_backend. 2017-03-07 19:52:26 -05:00
Tim Graham
72ff9d53e6 Factored out uid/user tokens in auth_tests urlpatterns. 2017-03-07 18:56:10 -05:00
Anton Samarchyan
7588d7e439 Improved test coverage for django.contrib.auth. 2017-03-01 17:29:50 -05:00
Tim Graham
c31e7ab5a4 Refs #25187 -- Fixed AuthBackend.authenticate() compatibility for signatures that accept a request kwarg. 2017-02-24 10:15:41 -05:00
Markus Holtermann
b9b35f9efa
Fixed #27840 -- Fixed KeyError in PasswordResetConfirmView.form_valid().
When a user is already logged in when submitting the password and
password confirmation to reset a password, a KeyError occurred while
removing the reset session token from the session.

Refs #17209

Thanks Quentin Marlats for the report and Florian Apolloner and Tim
Graham for the review.
2017-02-15 00:35:04 +01:00
Zoltan Gyarmati
41ba27fefd Fixed #27815 -- Made LoginView pass the request kwarg to AuthenticationForm. 2017-02-07 08:54:21 -05:00
Claude Paroz
c651331b34 Converted usage of ugettext* functions to their gettext* aliases
Thanks Tim Graham for the review.
2017-02-07 09:04:04 +01:00
Tim Graham
29f607927f Fixed spelling of "nonexistent". 2017-02-03 08:01:45 -05:00
Claude Paroz
fee42fd99e Refs #23919 -- Replaced usage of django.utils.http utilities with Python equivalents
Thanks Tim Graham for the review.
2017-01-26 19:49:03 +01:00
Tim Graham
1c466994d9 Refs #23919 -- Removed misc Python 2/3 references. 2017-01-25 13:59:25 -05:00
chillaranand
d6eaf7c018 Refs #23919 -- Replaced super(ClassName, self) with super(). 2017-01-25 12:23:46 -05:00
Claude Paroz
2366100872 Removed unneeded force_text calls in the test suite 2017-01-24 18:45:54 +01:00
Tim Graham
d170c63351 Refs #23919 -- Removed misc references to Python 2. 2017-01-21 20:02:00 -05:00
Tim Graham
7aba69145d Refs #23919 -- Removed django.test.mock Python 2 compatibility shim. 2017-01-20 08:17:20 -05:00
Claude Paroz
042b7350a0 Refs #23919 -- Removed unneeded str() calls 2017-01-20 14:13:55 +01:00
Tim Graham
4e729feaa6 Refs #23919 -- Removed django.utils._os.upath()/npath()/abspathu() usage.
These functions do nothing on Python 3.
2017-01-20 08:01:02 -05:00
Tim Graham
109b33f64c Refs #23919 -- Simplified assertRaisesRegex()'s that accounted for Python 2. 2017-01-20 08:49:47 +01:00
Claude Paroz
dc8834cad4 Refs #23919 -- Removed unneeded force_str calls 2017-01-20 08:44:31 +01:00
Simon Charette
9695b14982 Refs #23919 -- Removed str() conversion of type and method __name__. 2017-01-19 11:31:07 -05:00
Simon Charette
cecc079168 Refs #23919 -- Stopped inheriting from object to define new style classes. 2017-01-19 08:39:46 +01:00
Claude Paroz
2b281cc35e Refs #23919 -- Removed most of remaining six usage
Thanks Tim Graham for the review.
2017-01-18 21:33:28 +01:00
Claude Paroz
7b2f2e74ad Refs #23919 -- Removed six.<various>_types usage
Thanks Tim Graham and Simon Charette for the reviews.
2017-01-18 20:18:46 +01:00
Claude Paroz
c716fe8782 Refs #23919 -- Removed six.PY2/PY3 usage
Thanks Tim Graham for the review.
2017-01-18 16:21:28 +01:00
Claude Paroz
f3c43ad1fd Refs #23919 -- Removed python_2_unicode_compatible decorator usage 2017-01-18 13:44:34 +01:00
Claude Paroz
d7b9aaa366 Refs #23919 -- Removed encoding preambles and future imports 2017-01-18 09:55:19 +01:00
Tim Graham
0bf3228eec Increased the default PBKDF2 iterations for the 1.11 release cycle. 2017-01-17 20:52:05 -05:00
Tim Graham
d334f46b7a Refs #26601 -- Removed support for old-style middleware using settings.MIDDLEWARE_CLASSES. 2017-01-17 20:52:04 -05:00
Tim Graham
eba093e8b0 Refs #25847 -- Removed support for User.is_(anonymous|authenticated) as methods.
Per deprecation timeline.
2017-01-17 20:52:03 -05:00
Romain Garrigues
ede59ef6f3 Fixed #27518 -- Prevented possibie password reset token leak via HTTP Referer header.
Thanks Florian Apolloner for contributing to this patch and
Collin Anderson, Markus Holtermann, and Tim Graham for review.
2017-01-13 09:17:54 -05:00
Tim Graham
3226536127 Split AuthTemplateTests into test methods. 2017-01-12 13:18:49 -05:00
Tim Graham
b5f0b3478d Fixed #27579 -- Added aliases for Python 3's assertion names in SimpleTestCase. 2016-12-07 17:42:31 -05:00
Tim Graham
93a081946d Normalized casing of "custom user model". 2016-11-23 15:14:28 -05:00
Florian Apolloner
51eaff6d35 Refs #17209 -- Fixed token verification for PasswordResetConfirmView POST requests. 2016-11-21 13:42:25 -05:00
Tim Graham
0d9ff873d9 Fixed #27467 -- Made UserAttributeSimilarityValidator max_similarity=0/1 work as documented.
Thanks goblinJoel for the report and feedback.
2016-11-16 17:40:37 -05:00
Ramin Farajpour Cami
967be82443 Fixed E305 flake8 warnings. 2016-11-14 12:30:46 -05:00
za
321e94fa41 Refs #27392 -- Removed "Tests that", "Ensures that", etc. from test docstrings. 2016-11-10 21:30:21 -05:00
Tim Graham
20be1918e7 Simplified some auth_tests with assertRedirects(). 2016-10-28 11:52:52 -04:00
Jon Dufresne
f3ea0c4bbd Reverted "Fixed #26401 -- Added BaseAuthConfig to use auth without migrations."
This reverts commit 1ec1633cb2 as it
doesn't handle ContentType's auth.Permission dependency. Thus, it
doesn't allow auth without migrations.
2016-10-25 17:32:59 -07:00
levental
617e36dc1e Fixed #20705 -- Allowed using PasswordResetForm with user models with an email field not named 'email'. 2016-09-27 11:59:00 -04:00
Berker Peksag
f7e91cac68 Fixed #27053 -- Documented contrib.auth.get_user(). 2016-09-27 10:41:14 -04:00
Tim Graham
8119b679eb Refs #27025 -- Fixed "invalid escape sequence" warnings in Python 3.6.
http://bugs.python.org/issue27364
2016-09-17 15:44:06 -04:00
Jibodeah
9459ec82aa Fixed #26170 -- Made ModelAdmin views run transactions on the correct database.
Thanks juntatalor for the initial patch.
2016-09-14 16:06:39 -04:00
Gavin Wahl
f0f3de3c96 Fixed #23155 -- Added request argument to user_login_failed signal. 2016-09-12 20:30:34 -04:00
Aleksej Manaev
4b9330ccc0 Fixed #25187 -- Made request available in authentication backends. 2016-09-12 20:11:53 -04:00
Tim Graham
e07b18252b Added a blank line per isort. 2016-09-12 20:03:31 -04:00
Jon Dufresne
1ec1633cb2 Fixed #26401 -- Added BaseAuthConfig to use auth without migrations. 2016-09-10 16:38:05 -07:00
Tim Graham
0368d63a78 Fixed indentation in previous commit. 2016-09-10 18:39:13 -04:00
Alexander Gaevsky
536db42cf0 Fixed #26097 -- Added password_validators_help_text_html to UserCreationForm. 2016-09-10 18:23:18 -04:00
Jon Dufresne
66e1ebbffc Fixed #26956 -- Added success_url_allowed_hosts to LoginView and LogoutView.
Allows specifying additional hosts to redirect after login and log out.
2016-09-07 19:56:25 -07:00
Jon Dufresne
488b3d2b38 Fixed typo in auth management test. 2016-08-28 19:20:35 -07:00
Berker Peksag
3c18f8a3d2 Fixed #27111 -- Fixed KeyError if USERNAME_FIELD isn't in UserCreationForm.fields. 2016-08-24 13:20:12 -04:00
Przemysław Suliga
549b90fab3 Refs #26902 -- Protected against insecure redirects in Login/LogoutView. 2016-08-19 19:01:01 -04:00
Tim Graham
13857b45ca Removed unused 'password' parameter in auth_tests. 2016-08-18 19:01:28 -04:00
Tim Graham
7549eb0004 Fixed #27009 -- Made update_session_auth_hash() rotate the session key. 2016-08-15 19:29:12 -04:00
Andrew Nester
4591cf3fd8 Fixed #26909 -- Allowed UserAttributeSimilarityValidator to validate against model properties. 2016-08-10 15:08:06 -04:00
jordij
0814566bf1 Fixed #26960 -- Added PasswordResetConfirmView option to automatically log in after a reset. 2016-08-10 10:23:16 -04:00
Olexander Yermakov
975a76a964 Fixed #26951 -- Allowed AuthenticationForm to work with a username of 0. 2016-08-10 09:44:48 -04:00
Sergey Yurchenko
4e64e3bb6e Fixed #26997 -- Fixed checks crash with empty Meta.default_permissions. 2016-08-03 09:14:01 -04:00
Andrew Nester
0ba179194b Fixed #26929 -- Deprecated extra_context parameter of contrib.auth.views.logout_then_login(). 2016-07-28 11:57:02 -04:00
Tim Graham
412b4126d7 Removed a blank line per isort and a trailing whitespace. 2016-07-28 11:56:25 -04:00
Andrew Nester
dde6288fbe Fixed #26882 -- Added tests for auth.views.logout_then_login(). 2016-07-22 15:04:13 -04:00
Claude Paroz
255fb99284 Fixed #17209 -- Added password reset/change class-based views
Thanks Tim Graham for the review.
2016-07-16 10:36:12 +02:00
Bang Dao + Tam Huynh
09119dff14 Fixed #26719 -- Normalized email in AbstractUser.clean(). 2016-06-24 10:37:38 -04:00
Claude Paroz
78963495d0 Refs #17209 -- Added LoginView and LogoutView class-based views
Thanks Tim Graham for the review.
2016-06-24 10:45:13 +02:00
Tim Graham
39805686b3 Refs #21379, #26719 -- Moved username normalization to AbstractBaseUser.
Thanks Huynh Thanh Tam for the initial patch and Claude Paroz for review.
2016-06-21 16:19:37 -04:00
Jon Dufresne
4f336f6652 Fixed #26747 -- Used more specific assertions in the Django test suite. 2016-06-16 14:19:18 -04:00
Tim Graham
1915a7e5c5 Increased the default PBKDF2 iterations. 2016-05-20 09:19:19 -04:00
Simon Charette
7694e196ce
Moved the AUTH_USER_MODEL setting changed receiver.
Test suites besides Django's may need the same behavior.
2016-05-18 09:56:29 -04:00
Loïc Bistuer
4ff1e6ef58 Fixed running auth_tests in isolation after 3a47d42fa3. 2016-05-18 06:38:42 -04:00
Tim Graham
ece4d24f8e Refs #26601 -- Deprecated old-style middleware. 2016-05-17 07:22:26 -04:00
Florian Apolloner
9baf692a58 Fixed #26601 -- Improved middleware per DEP 0005.
Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP.
2016-05-17 07:22:22 -04:00
Loïc Bistuer
3a47d42fa3 Fixed #20932, #25897 -- Streamlined manager inheritance. 2016-05-17 02:29:22 +07:00
Claude Paroz
9935f97cd2 Refs #21379 -- Normalized unicode username inputs 2016-05-16 19:38:02 +02:00
Claude Paroz
526575c641 Fixed #21379 -- Created auth-specific username validators
Thanks Tim Graham for the review.
2016-05-16 19:37:57 +02:00
Simon Charette
61a16e0270 Fixed #24075 -- Used post-migration models in contrib apps receivers.
Thanks Markus and Tim for the review.
2016-05-15 19:51:16 -04:00
Claude Paroz
b26fedacef Fixed #26544 -- Delayed translations of SetPasswordForm help_texts
Thanks Michael Bitzi for the reporti and Tim Graham for the review.
2016-05-07 10:17:49 +02:00
Tim Graham
03efa304bc Refs #25847 -- Added system check for UserModel.is_anonymous/is_authenticated methods. 2016-05-06 08:56:06 -04:00
Tim Graham
f945fb24a3 Fixed #26554 -- Updated docs URLs to readthedocs.io 2016-04-28 10:09:57 -04:00
Bas Westerbaan
a5033dbc58 Refs #26033 -- Added password hasher support for Argon2 v1.3.
The previous version of Argon2 uses encoded hashes of the form:
   $argon2d$m=8,t=1,p=1$<salt>$<data>

The new version of Argon2 adds its version into the hash:
   $argon2d$v=19$m=8,t=1,p=1$<salt>$<data>

This lets Django handle both version properly.
2016-04-25 21:17:53 -04:00
Jeremy Lainé
c1aec0feda Fixed #25847 -- Made User.is_(anonymous|authenticated) properties. 2016-04-09 14:54:18 -04:00
Tim Graham
92053acbb9 Fixed E128 flake8 warnings in tests/. 2016-04-08 10:12:33 -04:00
Simon Charette
a872194802 Fixed #26470 -- Converted auth permission validation to system checks.
Thanks Tim for the review.
2016-04-06 22:40:43 -04:00
Simon Charette
fc34be896d Extracted auth checks tests into their own module. 2016-04-06 22:40:43 -04:00
Alexander Gaevsky
e0a3d93730 Fixed #25232 -- Made ModelBackend/RemoteUserBackend reject inactive users. 2016-03-23 09:01:48 -04:00
Tim Graham
1243fdf5cb Fixed #26395 -- Skipped the CryptPasswordHasher tests on platforms with a dummy crypt module. 2016-03-22 11:22:21 -04:00
Berker Peksag
efa9539787 Fixed #26381 -- Made UserCreationForm reusable with custom user models that define USERNAME_FIELD. 2016-03-21 12:32:42 -04:00
Vincenzo Pandolfo
d0fe6c9156 Fixed #26334 -- Removed whitespace stripping from contrib.auth password fields. 2016-03-14 20:20:24 -04:00
ieatkittens
ab8af342b1 Fixed #26343 -- Sent user_login_failed signal if an auth backend raises PermissionDenied. 2016-03-12 16:44:39 -05:00
Tim Graham
5ca045cd25 Moved createsuperuser test app into auth_tests. 2016-03-08 13:06:58 -05:00
Bas Westerbaan
b4250ea04a Fixed #26033 -- Added Argon2 password hasher. 2016-03-08 11:22:18 -05:00
Jon Dufresne
4115288b4f Fixed #26315 -- Allowed call_command() to accept a Command object as the first argument. 2016-03-05 13:05:10 -05:00
Jon Dufresne
8d3fcfa39e Cleaned up tests to use call_command() instead of Command.execute(). 2016-03-05 12:59:30 -05:00
Alasdair Nicol
8c42cf0cbd Fixed #26303 -- Updated links to mod_wsgi docs. 2016-03-01 19:22:32 -05:00
Florian Apolloner
67b46ba701 Fixed CVE-2016-2513 -- Fixed user enumeration timing attack during login.
This is a security fix.
2016-03-01 11:25:28 -05:00
Jon Dufresne
eac1423f9e Removed obsolete test CreatesuperuserManagementCommandTestCase.test_nolocale.
Test was added in 4c934f3921 to verify that
the commend works when locale.getdefaultlocale() doesn't return a locale.
getdefaultlocale() no longer runs at runtime, so the test isn't needed.
2016-02-29 08:46:37 -05:00
Olivier Le Thanh Duong
10781b4c6f Fixed #12233 -- Allowed redirecting authenticated users away from the login view.
contrib.auth.views.login() has a new parameter `redirect_authenticated_user`
to automatically redirect authenticated users visiting the login page.

Thanks to dmathieu and Alex Buchanan for the original code and to Carl Meyer
for the help and review.
2016-02-25 07:18:33 -05:00
Tim Graham
c62807968d Fixed a stray __unicode__() method in auth_tests. 2016-02-23 13:20:50 -05:00
Tim Graham
47b5a6a43c Fixed #26187 -- Removed weak password hashers from PASSWORD_HASHERS. 2016-02-22 18:59:23 -05:00
Berker Peksag
f0425c7260 Refs #19353 -- Added tests for using custom user models with built-in auth forms.
Also updated topics/auth/customizing.txt to reflect that subclasses of
UserCreationForm and UserChangeForm can be used with custom user models.

Thanks Baptiste Mispelon for the initial documentation.
2016-02-17 10:26:07 -05:00
Jon Dufresne
fcd08c1757 Fixed #11665 -- Made TestCase check deferrable constraints after each test. 2016-02-13 06:53:39 -05:00
Tim Graham
004ba0f99e Removed unneeded hint=None/obj=None in system check messages. 2016-02-12 13:01:25 -05:00
Tim Graham
015fad9060 Fixed #26175 -- Removed SHA1 password hashes in tests. 2016-02-06 08:47:21 -05:00
Simon Charette
6eb3ce11e4 Fixed #26089 -- Removed custom user test models from public API.
Thanks to Tim Graham for the review.
2016-02-04 12:30:34 -05:00
Hugo Osvaldo Barrera
dcee1dfc79 Fixed #12405 -- Added LOGOUT_REDIRECT_URL setting.
After a user logs out via auth.views.logout(), they're redirected
to LOGOUT_REDIRECT_URL if no `next_page` argument is provided.
2016-02-04 10:35:37 -05:00
Hasan
26ad01719d Refs #26022 -- Replaced six.assertRaisesRegex with assertRaisesMessage as appropriate. 2016-01-29 13:37:33 -05:00
Hasan
253adc2b8a Refs #26022 -- Used context manager version of assertRaisesMessage in tests. 2016-01-29 13:03:39 -05:00
Hasan
3d0dcd7f5a Refs #26022 -- Used context manager version of assertRaises in tests. 2016-01-29 12:32:18 -05:00
Claude Paroz
cf7894be88 Fixed #21113 -- Made LogEntry.change_message language independent
Thanks Tim Graham for the review.
2016-01-08 20:34:59 +01:00
Paulo Poiati
b643386668 Fixed #24855 -- Allowed using contrib.auth.login() without credentials.
Added an optional `backend` argument to login().
2016-01-07 08:56:07 -05:00
Simon Charette
a08fda2111 Fixed #25746 -- Isolated inlined test models registration.
Thanks to Tim for the review.
2016-01-06 20:00:07 -05:00
Simon Charette
3096f4b082 Imported required models directly in auth management tests. 2016-01-06 20:00:07 -05:00
Marten Kenbeek
16411b8400 Fixed #26013 -- Moved django.core.urlresolvers to django.urls.
Thanks to Tim Graham for the review.
2015-12-31 14:21:29 -05:00
Josh Soref
93452a70e8 Fixed many spelling mistakes in code, comments, and docs. 2015-12-03 12:48:24 -05:00
Tim Graham
9350616211 Removed explicit User ids in tests. 2015-11-24 09:59:20 -05:00
Tim Graham
590b8c1c57 Removed unnecessary app_label='auth' on auth_tests models.
This is a relic of when the tests were stored in contrib.auth.tests.
2015-10-27 08:19:45 -04:00
Tim Graham
5acf203db2 Fixed #25596 -- Fixed regression in password change view with custom user model.
The reverse() added in 50aa1a790c
crashed on a custom user model.
2015-10-27 08:18:22 -04:00
Kaleb Elwert
adcf823359 Fixed #25490 -- Made the logout() view send "no-cache" headers. 2015-10-02 12:29:54 -04:00
Antoine Catton
53ccffdb8c Refs #16860 -- Fixed password help text when there aren't any validators.
This avoids creating an empty list which is invalid HTML 4.
2015-09-28 15:30:16 -04:00
Tzu-ping Chung
7372cdebed Fixed #25457 -- Improved formatting of password validation errors in management command output. 2015-09-24 19:45:19 -04:00
Tim Graham
593c9eb660 Increased the default PBKDF2 iterations for the 1.10 release cycle. 2015-09-23 19:31:11 -04:00
Tim Graham
849037af36 Refs #23957 -- Required session verification per deprecation timeline. 2015-09-23 19:31:10 -04:00
Tim Graham
f1761e3fef Refs #21648 -- Removed is_admin_site option from password_reset() view.
Per deprecation timeline.
2015-09-23 19:31:10 -04:00
Claude Paroz
8dc3ba5ceb Removed obsolete supports_* auth backend attributes in tests 2015-09-20 12:16:28 +02:00
Tim Graham
c21410aeeb Fixed typo in "pbkdf2" test names. 2015-09-19 20:44:37 -04:00
sujayskumar
d8d853378b Fixed #24944 -- Added extra_email_context parameter to password_reset() view. 2015-09-18 18:56:04 -04:00
Dražen Odobašić
b1e33ceced Fixed #23395 -- Limited line lengths to 119 characters. 2015-09-12 11:40:50 -04:00
David Gibbons
39b55537ec Added two more tests for user-entered passwords when creating a superuser. 2015-08-18 16:22:14 -04:00
Tim Graham
fa14fb9771 Fixed flake8 warning. 2015-08-02 21:30:13 -04:00
Alex Becker
53d28f8339 Fixed #25089 -- Added password validation to createsuperuser/changepassword. 2015-08-01 20:18:26 -04:00
Flavio Curella
c2e70f0265 Fixed #21127 -- Started deprecation toward requiring on_delete for ForeignKey/OneToOneField 2015-07-27 18:28:13 -04:00
Tim Graham
774c16d16e Fixed #25052; refs #16860 -- Added password validation to UserCreationForm. 2015-07-20 13:44:34 -04:00
Tim Graham
f5e9d67907 Refs #16860 -- Moved password_changed() logic to AbstractBaseUser.
Thanks Carl Meyer for review.
2015-07-20 13:44:26 -04:00
Jan Pazdziora
a570701e02 Fixed #25029 -- Added PersistentRemoteUserMiddleware for login-page-only external authentication. 2015-07-02 17:38:10 -04:00
Tim Graham
7da3923ba0 Sorted imports in __init__.py files. 2015-06-27 11:53:33 -04:00
Tim Graham
aaacaeb096 Renamed RemovedInDjangoXYWarnings for new roadmap.
Forwardport of ae1d663b79
from stable/1.8.x plus more.
2015-06-24 16:08:20 -04:00
Francisco Albarran
e75b614640 Fixed #25009 -- Allowed User.objects.create_user(...,is_staff=True) to work. 2015-06-22 11:34:26 -04:00
Tim Graham
7f1168e387 Removed support for Python 3.3. 2015-06-18 08:36:50 -04:00
Markus Holtermann
e5cb4e1411 Fixed #24914 -- Added authentication mixins for CBVs
Added the mixins LoginRequiredMixin, PermissionRequiredMixin and
UserPassesTestMixin to contrib.auth as counterparts to the respective
view decorators.

The authentication mixins UserPassesTestMixin, LoginRequiredMixin and
PermissionRequiredMixin have been inspired by django-braces
<https://github.com/brack3t/django-braces/>

Thanks Raphael Michel for the initial patch, tests and docs on the PR
and Ana Balica, Kenneth Love, Marc Tamlyn, and Tim Graham for the
review.
2015-06-17 23:19:10 +02:00
Tim Graham
09f2cdbe1a Refs #16860 -- Fixed a resource and deprecation warning in password validation. 2015-06-16 11:02:27 -04:00
Tim Graham
55b3bd8468 Refs #16860 -- Minor edits and fixes to password validation. 2015-06-10 07:41:01 -04:00
Marten Kenbeek
1e82094f1b Fixed #21927 -- Made application and instance namespaces more distinct.
Made URL application namespaces be set in the included URLconf and
instance namespaces in the call to include(). Deprecated other ways
to set application and instance namespaces.
2015-06-08 15:12:20 -04:00
Raphael Michel
39937de7e6 Fixed #24929 -- Allowed permission_required decorator to take any iterable 2015-06-08 13:44:39 -04:00
Erik Romijn
1daae25bdc Fixed #16860 -- Added password validation to django.contrib.auth. 2015-06-07 19:31:20 +02:00
Alasdair Nicol
1ea87c8c79 Fixed #24910 -- Added createsuperuser support for non-unique USERNAME_FIELDs
Clarified docs to say that a non-unique USERNAME_FIELD is permissable
as long as the custom auth backend can support it.
2015-06-06 09:33:02 -04:00
Simon Charette
be67400b47 Refs #24652 -- Used SimpleTestCase where appropriate. 2015-05-20 13:46:13 -04:00
Riccardo Magliocchetti
ae1efb853c Refs #24553 -- Fixed urlpatterns leakage in auth_tests 2015-05-19 07:43:40 -04:00
Jay Cox
eef95ea96f Fixed #24696 -- Made CSRF_COOKIE computation lazy.
Only compute the CSRF_COOKIE when it is actually used. This is a
significant speedup for clients not using cookies.

Changed result of the “test_token_node_no_csrf_cookie” test:  It gets
a valid CSRF token now which seems like the correct behavior.

Changed auth_tests.test_views.LoginTest.test_login_csrf_rotate to
use get_token() to trigger CSRF cookie inclusion instead of changing
request.META["CSRF_COOKIE_USED"] directly.
2015-05-02 19:45:14 -04:00
Curtis Maloney
88d7fcebde Use mock.patch in migrations tests
Currently some of the migrations tests rely on the fact 'input' is aliased
because of six, instead of using mock.patch.  Replace this code with proper
use of mock.patch.

Also, replace one case of excessively specific python version check with
testing six.PY3
2015-04-09 11:16:12 +10:00
Tim Graham
b86abbceb9 Fixed #24115 -- Allowed bcrypt hashers to upgrade passwords on rounds change.
Thanks Florian Apolloner for the review.
2015-03-30 18:52:59 -04:00
Claude Paroz
c2bfd76ec3 Refs #15779 -- Fixed UserChangeForm regression introduced by 1791a7e75
Thanks Tim Graham for reporting the regression.
2015-03-28 09:24:01 +01:00
Joeri Bekker
0ed20d5cc4 Fixed #23926 -- Improved validation error for custom permissions that are too long. 2015-03-16 12:13:49 -04:00
Josh Smeaton
39a7eed1bb Converted test fixtures to setUpTestData methods 2015-03-05 10:10:32 +11:00
Tim Graham
e0b3926026 Isolated auth_tests from contenttypes_tests; refs #11505. 2015-02-14 22:04:48 -05:00
Tim Graham
002425fe39 Fixed #24315 -- Fixed auth.views.password_reset_confirm() with a UUID user. 2015-02-13 09:56:31 -05:00
Tim Graham
fdf20093e0 Fixed #24334 -- Allowed admin password reset to work with non-digit custom user model primary key.
Thanks Loic for help and Simon for review.
2015-02-13 09:42:49 -05:00
Tim Graham
0f7f5bc9e7 Fixed #24161 -- Stored the user primary key as a serialized value in the session.
This allows using a UUIDField primary key along with the JSON session
serializer.

Thanks to Trac alias jamesbeith for the report and Simon Charette
for the initial patch.
2015-02-12 07:38:16 -05:00
Tim Graham
5ab327a389 Moved non-documented auth test models to the new test location. 2015-02-11 10:29:48 -05:00
Tim Graham
2d7aca3da0 Moved contrib.auth tests out of contrib. 2015-02-11 10:19:22 -05:00