diff options
| author | Jannis Leidel <jannis@leidel.info> | 2011-06-26 16:51:34 +0000 |
|---|---|---|
| committer | Jannis Leidel <jannis@leidel.info> | 2011-06-26 16:51:34 +0000 |
| commit | 2619dc828510cf36791fcf87705d2f9ce3176c86 (patch) | |
| tree | 5fe13b0c2a8fcf19cbb7152bc2f4e2adcb0ba2bc /docs | |
| parent | 821d8aaaaad3f4d11f29eb54a7812f363b5f07cb (diff) | |
Fixed #14674 -- Prevent user accounts with an unusable password from resetting passwords. Thanks, summerisgone, thejaswi_puthraya and lrekucki.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16455 bcc190cf-cafb-0310-a4f2-bffc1f526a37
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/topics/auth.txt | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/docs/topics/auth.txt b/docs/topics/auth.txt index 4d40458379..e7f606b3d0 100644 --- a/docs/topics/auth.txt +++ b/docs/topics/auth.txt @@ -1011,6 +1011,12 @@ includes a few other useful built-in views located in * ``form``: The form for resetting the user's password. + .. versionchanged:: 1.4 + Users flagged with an unusable password (see + :meth:`~django.contrib.auth.models.User.set_unusable_password()` + will not be able to request a password reset to prevent misuse + when using an external authentication source like LDAP. + .. function:: password_reset_done(request[, template_name]) The page shown after a user has been emailed a link to reset their |
