Mariusz Felisiak
3418092238
Fixed #32130 -- Fixed pre-Django 3.1 password reset tokens validation.
...
Thanks Gordon Wrigley for the report and implementation idea.
Regression in 226ebb1729
.
2020-10-22 13:21:14 +02:00
Jacob Walls
0362b0e986
Fixed #26615 -- Made password reset token invalidate when changing email.
...
Co-Authored-By: Silas Barta <sbarta@gmail.com>
2020-10-21 09:29:53 +02:00
Mariusz Felisiak
d907371ef9
Fixed #31842 -- Added DEFAULT_HASHING_ALGORITHM transitional setting.
...
It's a transitional setting helpful in migrating multiple instance of
the same project to Django 3.1+.
Thanks Markus Holtermann for the report and review, Florian
Apolloner for the implementation idea and review, and Carlton Gibson
for the review.
2020-08-04 09:35:24 +02:00
Mariusz Felisiak
8725d04764
Fixed random auth_tests.test_tokens.TokenGeneratorTest.test_timeout failures.
...
Random failures depended on the current timestamp.
Thanks Matthijs Kooijman for the review.
2020-03-12 10:56:38 +01:00
Claude Paroz
da4923ea87
Refs #27468 -- Made PasswordResetTokenGenerator use SHA-256 algorithm.
2020-02-12 21:46:56 +01:00
Jon Dufresne
f791673537
Made token tests in auth_tests use assertIs() rather than assertTrue/False().
2020-01-29 09:01:18 +01:00
Mariusz Felisiak
ca0d50f34a
Fixed random auth_tests.test_tokens.TokenGeneratorTest.test_10265 failures.
...
Random failures depended on the current timestamp.
2019-11-13 14:22:23 +01:00
Mariusz Felisiak
3b4b36fb1d
Moved MockedPasswordResetTokenGenerator outside of TokenGeneratorTest.test_timeout().
2019-11-13 14:22:23 +01:00
Hasan Ramezani
226ebb1729
Fixed #28622 -- Allowed specifying password reset link expiration in seconds and deprecated PASSWORD_RESET_TIMEOUT_DAYS.
2019-09-20 13:52:04 +02:00
Tim Graham
67a6ba391b
Reverted "Fixed #28248 -- Fixed password reset tokens being valid for 1 day longer than PASSWORD_RESET_TIMEOUT_DAYS."
...
This reverts commit 95993a89ce
.
2017-09-25 09:05:00 -04:00
Nick Zaccardi
95993a89ce
Fixed #28248 -- Fixed password reset tokens being valid for 1 day longer than PASSWORD_RESET_TIMEOUT_DAYS.
2017-05-29 09:22:22 -04:00
jannh
c930c241f8
Fixed #28017 -- Allowed customizing PasswordResetTokenGenerator's secret.
2017-05-26 07:37:36 -04:00
Claude Paroz
c716fe8782
Refs #23919 -- Removed six.PY2/PY3 usage
...
Thanks Tim Graham for the review.
2017-01-18 16:21:28 +01:00
Romain Garrigues
ede59ef6f3
Fixed #27518 -- Prevented possibie password reset token leak via HTTP Referer header.
...
Thanks Florian Apolloner for contributing to this patch and
Collin Anderson, Markus Holtermann, and Tim Graham for review.
2017-01-13 09:17:54 -05:00
za
321e94fa41
Refs #27392 -- Removed "Tests that", "Ensures that", etc. from test docstrings.
2016-11-10 21:30:21 -05:00
Hasan
3d0dcd7f5a
Refs #26022 -- Used context manager version of assertRaises in tests.
2016-01-29 12:32:18 -05:00
Curtis Maloney
88d7fcebde
Use mock.patch in migrations tests
...
Currently some of the migrations tests rely on the fact 'input' is aliased
because of six, instead of using mock.patch. Replace this code with proper
use of mock.patch.
Also, replace one case of excessively specific python version check with
testing six.PY3
2015-04-09 11:16:12 +10:00
Tim Graham
2d7aca3da0
Moved contrib.auth tests out of contrib.
2015-02-11 10:19:22 -05:00