summaryrefslogtreecommitdiff
path: root/django/contrib/auth
AgeCommit message (Expand)Author
2013-11-05[1.6.x] Pulled Transifex translations for contrib appsClaude Paroz
2013-10-21[1.6.x] Force update of the password on iteration count changes.Florian Apolloner
2013-10-19[1.6.x] Fixed #21291 -- Ensured inactive users cannot reset their passwordsClaude Paroz
2013-10-19[1.6.x] Cleaned formatting/comments in PasswordResetFormTestClaude Paroz
2013-10-18[1.6.x] Fixed bug causing CSRF token not to rotate on login.Tim Graham
2013-10-14[1.6.x] Imported custom user classes in tests depending on itClaude Paroz
2013-10-09[1.6.x] Updated auth translation templateClaude Paroz
2013-10-08[1.6.x] Fixed #21164 -- Added documentation for issue with test users.Russell Keith-Magee
2013-09-24Revert "[1.6.x] Ensure that passwords are never long enough for a DoS."Florian Apolloner
2013-09-24[1.6.x] Marked PermissionsMixin.user_permissions help_text for translationMichaƂ Lech
2013-09-19[1.6.x] Increased default PBKDF2 iterationsPaul McMillan
2013-09-15[1.6.x] Ensure that passwords are never long enough for a DoS.Russell Keith-Magee
2013-09-10[1.6.x] Took advantage of django.utils.six.moves.urllib.*.Aymeric Augustin
2013-09-03[1.6.x] Replaced "not PY3" by "PY2", new in six 1.4.0.Aymeric Augustin
2013-08-13Fixed is_safe_url() to reject URLs that use a scheme other than HTTP/S.Jacob Kaplan-Moss
2013-08-02[1.6.x] Fixed #18923 -- Corrected usage of sensitive_post_parameters in contr...Tim Graham
2013-07-30[1.6.x] Fixed a test that could fail depending on PASSWORD_HASHERS.Aymeric Augustin
2013-07-23[1.6.x] Fixed #20760 -- Reduced timing variation in ModelBackend.Aymeric Augustin
2013-07-23[1.6.x] Fixed #19019 -- Fixed UserAdmin to log password change.Kirill Fomichev
2013-07-04[1.6.x] Fixed #20673 -- Clarified that HttpRequest.user uses AUTH_USER_MODEL.Tim Graham
2013-07-03[1.6.x] Fixed #20675 -- `check_password` should work when no password is spec...Simon Charette
2013-06-29[1.6.x] Removed obsolete comment. Refs #20079.Aymeric Augustin
2013-06-27Fixed #20244: PermissionsMixin now defines a related_query_name for M2MsAndrew Godwin
2013-06-27Fixed #20541 -- don't raise db signals twice when creating superuserAnton Baklanov
2013-06-26Fixed #14881 -- Modified password reset to work with a non-integer UserModel.pk.Tim Graham
2013-06-25Fixed #20642 -- Deprecated `Option.get_(add|change|delete)_permission`.Simon Charette
2013-06-19Fixed #20288 -- Fixed inconsistency in the naming of the popup GET parameter.Loic Bistuer
2013-06-19Removed several unused imports.Aymeric Augustin
2013-06-18Fixed #20079 -- Improve security of password reset tokensErik Romijn
2013-06-18Fixed #20593 -- Allow blank passwords in check_password() and set_password()Erik Romijn
2013-06-18Fixed #20199 -- Allow ModelForm fields to override error_messages from model ...Loic Bistuer
2013-06-15Worked around Python 3.3 modified exception reprClaude Paroz
2013-06-15Fixed #20599 -- Changed wording of ValueError raised by _load_libraryJaap Roes
2013-06-10Defined available_apps in relevant tests.Aymeric Augustin
2013-06-10Added TransactionTestCase.available_apps.Aymeric Augustin
2013-06-07Fixed #19925 - Added validation for REQUIRED_FIELDS being a listChris Streeter
2013-06-03Fixed #20532 -- Reverse auth views by name, not by path.Gavin Wahl
2013-05-29Don't hard-code class names when calling static methodsGavin Wahl
2013-05-26Replaced `and...or...` constructs with PEP 308 conditional expressions.Ramiro Morales
2013-05-25Fixed #19866 -- Added security logger and return 400 for SuspiciousOperation.Preston Holmes
2013-05-24Rotate CSRF token on loginAndrew Godwin
2013-05-19Fix test failure introduced by 980ae2ab29.Baptiste Mispelon
2013-05-19Fix #20447: URL names given to contrib.auth.views are now resolved.Baptiste Mispelon
2013-05-19Typo in commentPeter Inglesby
2013-05-18Slightly reworked imports in contrib.auth.__init__Claude Paroz
2013-05-18Fixed #18998 - Prevented session crash when auth backend removedJorge Bastida
2013-05-18Fixed #20432 -- Test failure in admin_views.Jacob Burch
2013-05-16Fixed #20357 -- Allow empty username field label in `AuthentificationForm`.Mark Huang
2013-05-13Recommend using the bcrypt library instead of py-bcryptDonald Stufft
2013-05-11Properly force bytes or str for bcrypt on Python3Donald Stufft