summaryrefslogtreecommitdiff
path: root/docs/topics/auth
AgeCommit message (Collapse)Author
2023-03-08[4.2.x] Fixed #34384 -- Fixed session validation when rotation secret keys.David Wobrock
Bug in 0dcd549bbe36c060f536ec270d34d9e7d4b8e6c7. Thanks Eric Zarowny for the report. Backport of 2396933ca99c6bfb53bda9e53968760316646e01 from main
2023-03-01[4.2.x] Fixed #34140 -- Reformatted code blocks in docs with blacken-docs.django-bot
2023-02-28[4.2.x] Refs #34140 -- Corrected rst code-block and various formatting ↵Joseph Victor Zammit
issues in docs. Backport of ba755ca13123d2691a0926ddb64e5d0a2906a880 from main
2023-02-10[4.2.x] Refs #34140 -- Applied rst code-block to non-Python examples.Carlton Gibson
Thanks to J.V. Zammit, Paolo Melchiorre, and Mariusz Felisiak for reviews. Backport of 534ac4829764f317cf2fbc4a18354fcc998c1425 from main.
2023-01-30[4.2.x] Fixed typo in docs/topics/auth/passwords.txt.fschwebel
Wrapped hashing is only possible if the inner wrapped function is the same as the previous hasher. Backport of 0265b1b49ba10f957abfd1311d0bae0ecefc3111 from main
2022-12-29Fixed #25617 -- Added case-insensitive unique username validation in ↵Paul Schilling
UserCreationForm. Co-Authored-By: Neven Mundar <nmundar@gmail.com>
2022-11-29Fixed #34187 -- Made UserCreationForm save many-to-many fields.sdolemelipone
2022-11-28Doc's check_password()'s setter and preferred arguments.Mariusz Felisiak
Follow up to 90e05aaeac612a4251640564aa65f103ac635e12.
2022-11-14Fixed #34154 -- Made mixin headers consistent in auth docs.Tony Lechner
2022-11-10Improved readability of string interpolation in frequently used examples in ↵Trey Hunner
docs.
2022-09-28Fixed #34056 -- Updated the list of common passwords for ↵Paolo Melchiorre
CommonPasswordValidator.
2022-09-17Fixed #34017 -- Doc'd that Argon2id variant is used by Argon2PasswordHasher.Ritik Soni
2022-09-17Fixed #34019 -- Removed obsolete references to "model design considerations" ↵DevilsAutumn
note.
2022-08-30Refs #30947 -- Changed tuples to lists where appropriate.Alex Morega
2022-07-23Refs #33691 -- Deprecated insecure password hashers.Claude Paroz
SHA1PasswordHasher, UnsaltedSHA1PasswordHasher, and UnsaltedMD5PasswordHasher are now deprecated.
2022-06-03Fixed #33764 -- Deprecated BaseUserManager.make_random_password().Ciaran McCormick
2022-05-31Fixed docs build with sphinxcontrib-spelling 7.5.0+.Mariusz Felisiak
sphinxcontrib-spelling 7.5.0+ includes captions of figures in the set of nodes for which the text is checked.
2022-05-17Removed versionadded/changed annotations for 4.0.Carlton Gibson
2022-05-11Fixed #33691 -- Deprecated django.contrib.auth.hashers.CryptPasswordHasher.Mariusz Felisiak
2022-04-28Removed hyphen from pre-/re- prefixes.David
"prepopulate", "preload", and "preprocessing" are already in the spelling_wordlist. This also removes hyphen from double "e" combinations with "pre" and "re", e.g. preexisting, preempt, reestablish, or reenter. See also: - https://ahdictionary.com/word/search.html?q=rerun - https://ahdictionary.com/word/search.html?q=recreate - https://ahdictionary.com/word/search.html?q=predetermined - https://ahdictionary.com/word/search.html?q=reuse - https://ahdictionary.com/word/search.html?q=reopening
2022-04-01Fixed #33613 -- Made createsuperuser detect uniqueness of USERNAME_FIELD ↵Lucidiot
when using Meta.constraints.
2022-03-29Fixed #15619 -- Deprecated log out via GET requests.René Fleschenberg
Thanks Florian Apolloner for the implementation idea. Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2022-02-01Fixed #30360 -- Added support for secret key rotation.tschilling
Thanks Florian Apolloner for the implementation idea. Co-authored-by: Andreas Pelme <andreas@pelme.se> Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es> Co-authored-by: Vuyisile Ndlovu <terrameijar@gmail.com>
2022-01-17Fixed #33443 -- Clarified when PasswordResetView sends an email.Brad Solomon
2022-01-13Clarified how contrib.auth picks a password hasher for verification.Adam Johnson
2022-01-05Fixed malformed attribute directives in docs.David
2022-01-04Fixed CVE-2021-45115 -- Prevented DoS vector in ↵Florian Apolloner
UserAttributeSimilarityValidator. Thanks Chris Bailey for the report. Co-authored-by: Adam Johnson <me@adamj.eu>
2021-12-28Avoided counting attributes and methods in docs.Mariusz Felisiak
2021-12-17Changed signatures of setting_changed signal receivers.Adam Johnson
2021-12-13Improved wording in password validators docs and docstrings.Adam Johnson
2021-10-19Refs #33207 -- Clarified that AUTH_USER_MODEL expects an app label.Mariusz Felisiak
2021-09-20Removed versionadded/changed annotations for 3.2.Mariusz Felisiak
2021-08-17Fixed #32964 -- Corrected 'setup'/'set up' usage in docs.Andrew Northall
2021-07-29Fixed 32956 -- Lowercased spelling of "web" and "web framework" where ↵David Smith
appropriate.
2021-07-22Fixed #32275 -- Added scrypt password hasher.ryowright
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-05-20Clarified docs about increasing the work factor for bcrypt hasher.yyyyyyyan
2021-05-17Refs #32720 -- Updated various links in docs to avoid redirects and use HTTPS.Nick Pope
2021-02-08Fixed #28216 -- Added next_page/get_default_redirect_url() to LoginView.ThinkChaos
2021-02-08Used .. attribute:: directive in authentication views docs.Mariusz Felisiak
2021-01-14Removed versionadded/changed annotations for 3.1.Mariusz Felisiak
2021-01-14Fixed #31358 -- Increased salt entropy of password hashers.Jon Moroney
Co-authored-by: Florian Apolloner <florian@apolloner.eu>
2020-12-03Fixed #32235 -- Made ReadOnlyPasswordHashField disabled by default.Timo Ludwig
2020-08-11Added note about password updates on argon2 attributes change.Roy Zheng
2020-05-13Used :mimetype: role in various docs.Nick Pope
2020-05-13Removed versionadded/changed annotations for 3.0.Mariusz Felisiak
2020-04-29Refs #27468 -- Made user sessions use SHA-256 algorithm.Mariusz Felisiak
2020-04-28Changed django.forms.ValidationError imports to ↵François Freitag
django.core.exceptions.ValidationError. Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2020-04-27Fixed #31505 -- Doc'd possible email addresses enumeration in PasswordResetView.Mariusz Felisiak
2020-04-24Doc'd PasswordChangeView/PasswordResetView.success_url defaults.Tanmay Vijay
2020-04-07Fixed Sphinx warnings on duplicate object descriptions.Mariusz Felisiak