summaryrefslogtreecommitdiff
path: root/docs/topics/auth
AgeCommit message (Collapse)Author
2023-11-15[5.0.x] Fixed #34970 -- Clarified Password Validation docs regarding the ↵Markus Amalthea Magnuson
password_changed callback. Backport of 61c305f298da1b4079a80721c861d0663dc8717e from main
2023-09-14Refs #15619 -- Removed deprecated annotation about logging out via GET requests.Mariusz Felisiak
Follow up to 6c57c08ae52f86df843fccb5a3c1c6c45a10a26f.
2023-06-27Fixed #34391 -- Added async-compatible interface to auth functions and ↵Jon Janzen
related methods test clients.
2023-05-18Fixed #34565 -- Added support for async checking of user passwords.HappyDingning
2023-04-17Used extlinks for PyPI links.Tim Graham
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2023-03-08Fixed #34384 -- Fixed session validation when rotation secret keys.David Wobrock
Bug in 0dcd549bbe36c060f536ec270d34d9e7d4b8e6c7. Thanks Eric Zarowny for the report.
2023-03-07Fixed #31920 -- Made AuthenticationMiddleware add request.auser().Jon Janzen
2023-03-01Fixed #34140 -- Reformatted code blocks in docs with blacken-docs.django-bot
2023-02-28Refs #34140 -- Corrected rst code-block and various formatting issues in docs.Joseph Victor Zammit
2023-02-10Refs #34140 -- Applied rst code-block to non-Python examples.Carlton Gibson
Thanks to J.V. Zammit, Paolo Melchiorre, and Mariusz Felisiak for reviews.
2023-01-30Fixed typo in docs/topics/auth/passwords.txt.fschwebel
Wrapped hashing is only possible if the inner wrapped function is the same as the previous hasher.
2023-01-17Refs #15619 -- Removed support for logging out via GET requests.Mariusz Felisiak
Per deprecation timeline.
2022-12-29Fixed #25617 -- Added case-insensitive unique username validation in ↵Paul Schilling
UserCreationForm. Co-Authored-By: Neven Mundar <nmundar@gmail.com>
2022-11-29Fixed #34187 -- Made UserCreationForm save many-to-many fields.sdolemelipone
2022-11-28Doc's check_password()'s setter and preferred arguments.Mariusz Felisiak
Follow up to 90e05aaeac612a4251640564aa65f103ac635e12.
2022-11-14Fixed #34154 -- Made mixin headers consistent in auth docs.Tony Lechner
2022-11-10Improved readability of string interpolation in frequently used examples in ↵Trey Hunner
docs.
2022-09-28Fixed #34056 -- Updated the list of common passwords for ↵Paolo Melchiorre
CommonPasswordValidator.
2022-09-17Fixed #34017 -- Doc'd that Argon2id variant is used by Argon2PasswordHasher.Ritik Soni
2022-09-17Fixed #34019 -- Removed obsolete references to "model design considerations" ↵DevilsAutumn
note.
2022-08-30Refs #30947 -- Changed tuples to lists where appropriate.Alex Morega
2022-07-23Refs #33691 -- Deprecated insecure password hashers.Claude Paroz
SHA1PasswordHasher, UnsaltedSHA1PasswordHasher, and UnsaltedMD5PasswordHasher are now deprecated.
2022-06-03Fixed #33764 -- Deprecated BaseUserManager.make_random_password().Ciaran McCormick
2022-05-31Fixed docs build with sphinxcontrib-spelling 7.5.0+.Mariusz Felisiak
sphinxcontrib-spelling 7.5.0+ includes captions of figures in the set of nodes for which the text is checked.
2022-05-17Removed versionadded/changed annotations for 4.0.Carlton Gibson
2022-05-11Fixed #33691 -- Deprecated django.contrib.auth.hashers.CryptPasswordHasher.Mariusz Felisiak
2022-04-28Removed hyphen from pre-/re- prefixes.David
"prepopulate", "preload", and "preprocessing" are already in the spelling_wordlist. This also removes hyphen from double "e" combinations with "pre" and "re", e.g. preexisting, preempt, reestablish, or reenter. See also: - https://ahdictionary.com/word/search.html?q=rerun - https://ahdictionary.com/word/search.html?q=recreate - https://ahdictionary.com/word/search.html?q=predetermined - https://ahdictionary.com/word/search.html?q=reuse - https://ahdictionary.com/word/search.html?q=reopening
2022-04-01Fixed #33613 -- Made createsuperuser detect uniqueness of USERNAME_FIELD ↵Lucidiot
when using Meta.constraints.
2022-03-29Fixed #15619 -- Deprecated log out via GET requests.René Fleschenberg
Thanks Florian Apolloner for the implementation idea. Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2022-02-01Fixed #30360 -- Added support for secret key rotation.tschilling
Thanks Florian Apolloner for the implementation idea. Co-authored-by: Andreas Pelme <andreas@pelme.se> Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es> Co-authored-by: Vuyisile Ndlovu <terrameijar@gmail.com>
2022-01-17Fixed #33443 -- Clarified when PasswordResetView sends an email.Brad Solomon
2022-01-13Clarified how contrib.auth picks a password hasher for verification.Adam Johnson
2022-01-05Fixed malformed attribute directives in docs.David
2022-01-04Fixed CVE-2021-45115 -- Prevented DoS vector in ↵Florian Apolloner
UserAttributeSimilarityValidator. Thanks Chris Bailey for the report. Co-authored-by: Adam Johnson <me@adamj.eu>
2021-12-28Avoided counting attributes and methods in docs.Mariusz Felisiak
2021-12-17Changed signatures of setting_changed signal receivers.Adam Johnson
2021-12-13Improved wording in password validators docs and docstrings.Adam Johnson
2021-10-19Refs #33207 -- Clarified that AUTH_USER_MODEL expects an app label.Mariusz Felisiak
2021-09-20Removed versionadded/changed annotations for 3.2.Mariusz Felisiak
2021-08-17Fixed #32964 -- Corrected 'setup'/'set up' usage in docs.Andrew Northall
2021-07-29Fixed 32956 -- Lowercased spelling of "web" and "web framework" where ↵David Smith
appropriate.
2021-07-22Fixed #32275 -- Added scrypt password hasher.ryowright
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-05-20Clarified docs about increasing the work factor for bcrypt hasher.yyyyyyyan
2021-05-17Refs #32720 -- Updated various links in docs to avoid redirects and use HTTPS.Nick Pope
2021-02-08Fixed #28216 -- Added next_page/get_default_redirect_url() to LoginView.ThinkChaos
2021-02-08Used .. attribute:: directive in authentication views docs.Mariusz Felisiak
2021-01-14Removed versionadded/changed annotations for 3.1.Mariusz Felisiak
2021-01-14Fixed #31358 -- Increased salt entropy of password hashers.Jon Moroney
Co-authored-by: Florian Apolloner <florian@apolloner.eu>
2020-12-03Fixed #32235 -- Made ReadOnlyPasswordHashField disabled by default.Timo Ludwig
2020-08-11Added note about password updates on argon2 attributes change.Roy Zheng