summaryrefslogtreecommitdiff
path: root/docs/topics/auth/default.txt
AgeCommit message (Collapse)Author
2026-04-07Fixed #37021 -- Added Permission.user_perm_str property.mariatta
For use in checking user permissions via has_perm(). Co-authored-by: 사재혁 <jaehyuck.sa.dev@gmail.com>
2026-02-27Fixed #27489 -- Renamed permissions upon model renaming in migrations.Artyom Kotovskiy
Co-authored-by: Jacob Walls <jacobtylerwalls@gmail.com>
2025-10-29Fixed #36329 -- Removed non-code custom link text when cross-referencing ↵Clifford Gama
Python objects. Thanks Bruno Alla, Sarah Boyce, and Jacob Walls for reviews. Co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>
2025-08-25Refs #36485 -- Rewrapped docs to 79 columns line length.David Smith
Lines in the docs files were manually adjusted to conform to the 79 columns limit per line (plus newline), improving readability and consistency across the content.
2025-08-25Refs #36485 -- Removed double spaces after periods in sentences.Natalia
2025-08-25Refs #36485 -- Removed unnecessary parentheses in :meth: and :func: roles in ↵David Smith
docs.
2025-01-15Removed versionadded/changed annotations for 5.1.Sarah Boyce
This also removes remaining versionadded/changed annotations for older versions.
2024-09-03Fixed CVE-2024-45231 -- Avoided server error on password reset when email ↵Natalia
sending fails. On successful submission of a password reset request, an email is sent to the accounts known to the system. If sending this email fails (due to email backend misconfiguration, service provider outage, network issues, etc.), an attacker might exploit this by detecting which password reset requests succeed and which ones generate a 500 error response. Thanks to Thibaut Spriet for the report, and to Mariusz Felisiak, Adam Johnson, and Sarah Boyce for the reviews.
2024-08-22Sorted alphabetically forms list in docs/topics/auth/default.txt.nessita
2024-08-19Fixed #35678 -- Removed "usable_password" field from BaseUserCreationForm.Natalia
Refs #34429: Following the implementation allowing the setting of unusable passwords via the admin site, the `BaseUserCreationForm` and `UserCreationForm` were extended to include a new field for choosing whether password-based authentication for the new user should be enabled or disabled at creation time. Given that these forms are designed to be extended when implementing custom user models, this branch ensures that this new field is moved to a new, admin-dedicated, user creation form `AdminUserCreationForm`. Regression in e626716c28b6286f8cf0f8174077f3d2244f3eb3. Thanks Simon Willison for the report, Fabian Braun and Sarah Boyce for the review.
2024-08-08Refs #31405 -- Improved LoginRequiredMiddleware documentation.Adam Johnson
co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>
2024-05-22Removed versionadded/changed annotations for 5.0.Natalia
This also removes remaining versionadded/changed annotations for older versions.
2024-05-22Fixed #31405 -- Added LoginRequiredMiddleware.Hisham Mahmood
Co-authored-by: Adam Johnson <me@adamj.eu> Co-authored-by: Mehmet İnce <mehmet@mehmetince.net> Co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>
2024-03-07Fixed #35030 -- Made django.contrib.auth decorators to work with async ↵Dingning
functions.
2024-02-20Fixed #34429 -- Allowed setting unusable passwords for users in the auth forms.Fabian Braun
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
2024-01-26Applied Black's 2024 stable style.Mariusz Felisiak
https://github.com/psf/black/releases/tag/24.1.0
2024-01-22Fixed typo in docs/topics/auth/default.txt.Adrienne Franke
2023-12-15Fixed typos in docs.Mariusz Felisiak
2023-09-18Removed versionadded/changed annotations for 4.2.Mariusz Felisiak
This also removes remaining versionadded/changed annotations for older versions.
2023-09-14Refs #15619 -- Removed deprecated annotation about logging out via GET requests.Mariusz Felisiak
Follow up to 6c57c08ae52f86df843fccb5a3c1c6c45a10a26f.
2023-06-27Fixed #34391 -- Added async-compatible interface to auth functions and ↵Jon Janzen
related methods test clients.
2023-04-17Used extlinks for PyPI links.Tim Graham
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2023-03-07Fixed #31920 -- Made AuthenticationMiddleware add request.auser().Jon Janzen
2023-03-01Fixed #34140 -- Reformatted code blocks in docs with blacken-docs.django-bot
2023-02-28Refs #34140 -- Corrected rst code-block and various formatting issues in docs.Joseph Victor Zammit
2023-02-10Refs #34140 -- Applied rst code-block to non-Python examples.Carlton Gibson
Thanks to J.V. Zammit, Paolo Melchiorre, and Mariusz Felisiak for reviews.
2023-01-17Refs #15619 -- Removed support for logging out via GET requests.Mariusz Felisiak
Per deprecation timeline.
2022-12-29Fixed #25617 -- Added case-insensitive unique username validation in ↵Paul Schilling
UserCreationForm. Co-Authored-By: Neven Mundar <nmundar@gmail.com>
2022-11-29Fixed #34187 -- Made UserCreationForm save many-to-many fields.sdolemelipone
2022-11-14Fixed #34154 -- Made mixin headers consistent in auth docs.Tony Lechner
2022-11-10Improved readability of string interpolation in frequently used examples in ↵Trey Hunner
docs.
2022-08-30Refs #30947 -- Changed tuples to lists where appropriate.Alex Morega
2022-05-17Removed versionadded/changed annotations for 4.0.Carlton Gibson
2022-03-29Fixed #15619 -- Deprecated log out via GET requests.René Fleschenberg
Thanks Florian Apolloner for the implementation idea. Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2022-02-01Fixed #30360 -- Added support for secret key rotation.tschilling
Thanks Florian Apolloner for the implementation idea. Co-authored-by: Andreas Pelme <andreas@pelme.se> Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es> Co-authored-by: Vuyisile Ndlovu <terrameijar@gmail.com>
2022-01-17Fixed #33443 -- Clarified when PasswordResetView sends an email.Brad Solomon
2022-01-05Fixed malformed attribute directives in docs.David
2021-08-17Fixed #32964 -- Corrected 'setup'/'set up' usage in docs.Andrew Northall
2021-07-29Fixed 32956 -- Lowercased spelling of "web" and "web framework" where ↵David Smith
appropriate.
2021-02-08Fixed #28216 -- Added next_page/get_default_redirect_url() to LoginView.ThinkChaos
2021-02-08Used .. attribute:: directive in authentication views docs.Mariusz Felisiak
2020-05-13Used :mimetype: role in various docs.Nick Pope
2020-05-13Removed versionadded/changed annotations for 3.0.Mariusz Felisiak
2020-04-28Changed django.forms.ValidationError imports to ↵François Freitag
django.core.exceptions.ValidationError. Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2020-04-27Fixed #31505 -- Doc'd possible email addresses enumeration in PasswordResetView.Mariusz Felisiak
2020-04-24Doc'd PasswordChangeView/PasswordResetView.success_url defaults.Tanmay Vijay
2020-02-19Fixed #30040 -- Used default permission name in docs examples to avoid ↵Hasan Ramezani
confusion.
2019-09-10Removed versionadded/changed annotations for 2.2.Mariusz Felisiak
2019-09-06Fixed #30573 -- Rephrased documentation to avoid words that minimise the ↵Tobias Kunze
involved difficulty. This patch does not remove all occurrences of the words in question. Rather, I went through all of the occurrences of the words listed below, and judged if they a) suggested the reader had some kind of knowledge/experience, and b) if they added anything of value (including tone of voice, etc). I left most of the words alone. I looked at the following words: - simply/simple - easy/easier/easiest - obvious - just - merely - straightforward - ridiculous Thanks to Carlton Gibson for guidance on how to approach this issue, and to Tim Bell for providing the idea. But the enormous lion's share of thanks go to Adam Johnson for his patient and helpful review.
2019-06-20Removed unnecessary backslashes from docs.Mariusz Felisiak