django.git/django/contrib/auth/backends.py, branch fix-31295

django.git/django/contrib/auth/backends.py, branch fix-31295 django http://cgit.adnoto.dev/django.git/atom?h=fix-31295 2026-04-27T14:22:04Z Fixed #36901 -- Centralized auth timing attack mitigations. 2026-04-27T14:22:04Z afenoum anja1catus@gmail.com 2026-04-20T10:44:42Z urn:sha1:c63591d4da533944af31ccb46a77eb221dbdba0a Thank you Mar Bartolome and Tim Schilling for reviews. Fixed #36542 -- Marked authenticate() with @sensitive_variables() decorator. 2026-04-24T18:19:15Z KANIN KEARPIMY jamesk@KANINs-MacBook-Air.local 2026-03-31T15:56:13Z urn:sha1:526b548cfb9c8a02ea2b7ae064ef3b795305d51a Thanks Olivier Dalang, Tim McCurrach, Sarah Boyce, and Mar Bartolome for reviews. Removed double spaces after periods and within phrases. 2025-07-23T13:09:43Z Sarah Boyce 42296566+sarahboyce@users.noreply.github.com 2025-07-18T13:37:14Z urn:sha1:1ecf6889cabc9f3f60d3fdd651468cddd8f4da6e Fixed #35792 -- Simplified ModelBackend._get_group_permissions(). 2024-10-09T14:14:32Z Bona Fide IT GmbH 137388433+BonaFideIT@users.noreply.github.com 2024-09-28T09:36:38Z urn:sha1:d4e4520efb553d2bfcc68ac8cf007c0c402d4845 Fixed #35303 -- Implemented async auth backends and utils. 2024-10-07T12:19:41Z Jon Janzen jon@jonjanzen.com 2024-03-31T19:29:10Z urn:sha1:50f89ae850f6b4e35819fe725a08c7e579bfd099 Refs #33561 -- Made created=True required in signature of RemoteUserBackend.configure_user() subclasses. 2023-01-17T10:49:15Z Mariusz Felisiak felisiak.mariusz@gmail.com 2023-01-13T04:49:36Z urn:sha1:ba082e09524c9fba9fa8ba472c896ef645b09dd6 Per deprecation timeline. Refs #25232 -- Simplified ModelBackend.user_can_authenticate(). 2022-07-11T18:27:11Z Tim Graham timograham@gmail.com 2022-07-11T18:27:11Z urn:sha1:282d58e19385ee4e5c125a9d3cba820949314f3f Thanks Jay Turner for the suggestion. Fixed #33561 -- Allowed synchronization of user attributes in RemoteUserBackend. 2022-03-10T11:57:19Z Adrian Torres atorresj@redhat.com 2022-03-04T10:04:07Z urn:sha1:d90e34c61b27fba2527834806639eebbcfab9631 Refs #33476 -- Reformatted code with Black. 2022-02-07T19:37:05Z django-bot ops@djangoproject.com 2022-02-03T19:24:19Z urn:sha1:9c19aff7c7561e3a82978a272ecdaad40dda5c00 Removed redundant definition of UserModel in ModelBackend.with_perm(). 2021-08-09T08:36:55Z Premkumar Chalmeti premkumarchalmeti@gmail.com 2021-08-09T08:36:55Z urn:sha1:fffeb5df554c93f0f9e634a820323b4771e9bfc7