summaryrefslogtreecommitdiff
path: root/docs/topics/auth
AgeCommit message (Collapse)Author
2016-06-21[1.10.x] Refs #21379, #26719 -- Moved username normalization to ↵Tim Graham
AbstractBaseUser. Thanks Huynh Thanh Tam for the initial patch and Claude Paroz for review. Backport of 39805686b364358af725b695924a5a6dfa7f5302 from master
2016-06-15[1.10.x] Fixed broken links in docs and comments.Ville Skyttä
Backport of 96f97691ad5e1483263cea3bb4e4021b4c8dcc41 from master
2016-06-03[1.10.x] Fixed #26021 -- Applied hanging indentation to docs.Ed Henderson
Backport of 4a4d7f980e2a66756e1e424f7648dcd28ff765b7 from master
2016-05-27[1.10.x] Fixed #26635 -- Clarified Argon2PasswordHasher's memory_cost ↵Bas Westerbaan
differs from command line utility. Backport of 9407cc966b02e5ef69b7f561a6b972aff5d9c2e0 from master
2016-05-17Fixed #26601 -- Improved middleware per DEP 0005.Florian Apolloner
Thanks Tim Graham for polishing the patch, updating the tests, and writing documentation. Thanks Carl Meyer for shepherding the DEP.
2016-05-16Refs #21379 -- Normalized unicode username inputsClaude Paroz
2016-05-14Used 'classmethod' annotation in docs/topics/auth/customizing.txtTim Graham
2016-04-18Fixed #26514 -- Documented that User.refresh_from_db() doesn't clear the ↵Tim Graham
permission cache.
2016-04-09Fixed #25847 -- Made User.is_(anonymous|authenticated) properties.Jeremy Lainé
2016-03-23Fixed #25232 -- Made ModelBackend/RemoteUserBackend reject inactive users.Alexander Gaevsky
2016-03-21Fixed #26392 -- Corrected login_required/permission_required stacking example.Tim Graham
2016-03-08Fixed #26033 -- Added Argon2 password hasher.Bas Westerbaan
2016-03-01Fixed CVE-2016-2513 -- Fixed user enumeration timing attack during login.Florian Apolloner
This is a security fix.
2016-02-25Fixed #12233 -- Allowed redirecting authenticated users away from the login ↵Olivier Le Thanh Duong
view. contrib.auth.views.login() has a new parameter `redirect_authenticated_user` to automatically redirect authenticated users visiting the login page. Thanks to dmathieu and Alex Buchanan for the original code and to Carl Meyer for the help and review.
2016-02-24Fixed a function signature in docs/topics/auth/default.txt.Tim Graham
2016-02-22Fixed #26187 -- Removed weak password hashers from PASSWORD_HASHERS.Tim Graham
2016-02-23Fixed spelling errorMarkus Holtermann
2016-02-22Fixed #26188 -- Documented how to wrap password hashers.Tim Graham
2016-02-22Fixed import location of check_password() in docs.Daniel Quinn
2016-02-17Refs #19353 -- Added tests for using custom user models with built-in auth ↵Berker Peksag
forms. Also updated topics/auth/customizing.txt to reflect that subclasses of UserCreationForm and UserChangeForm can be used with custom user models. Thanks Baptiste Mispelon for the initial documentation.
2016-02-04Fixed #12405 -- Added LOGOUT_REDIRECT_URL setting.Hugo Osvaldo Barrera
After a user logs out via auth.views.logout(), they're redirected to LOGOUT_REDIRECT_URL if no `next_page` argument is provided.
2016-02-02Refs #26089 -- Removed obsolete docs about custom user model testing.Tim Graham
2016-02-01Unified some doc links to OneToOneField and ManyToManyField.Tim Graham
2016-02-01Fixed #26124 -- Added missing code formatting to docs headers.rowanv
2016-01-14Fixed #23868 -- Added support for non-unique django-admin-options in docs.Tim Graham
Also documented missing short command line options to fix #24134. This bumps the minimum sphinx version required to build the docs to 1.3.4. Thanks Simon Charette for review.
2016-01-07Fixed #24855 -- Allowed using contrib.auth.login() without credentials.Paulo Poiati
Added an optional `backend` argument to login().
2015-12-08Fixed user_passes_test() signature in docs.Gavin Wahl
2015-12-08Fixed #25895 -- Used a consistent style for UserAdmin overrides.Tim Graham
Thanks Justin Abrahms for the report.
2015-12-05Removed deprecated usage of url tag from auth docs.Florian Apolloner
2015-12-03Fixed many spelling mistakes in code, comments, and docs.Josh Soref
2015-12-02Updated link to 1000 common passwords.Eliezer Kanal
xato.net is dead; replaced with link to archive.org.
2015-11-16Fixed #25755 -- Unified spelling of "website".Agnieszka Lasyk
2015-11-12Fixed #25744 -- Corrected reference to User object in auth docs.Anderson Resende
2015-11-12Fixed #25169 -- Documented stacking of permission_required and login_required.Bryan Marty
2015-11-03Fixed typo in docs/topics/auth/default.txt.japrogramer
2015-10-27Fixed #25550 -- Deprecated direct assignment to the reverse side of a ↵Tim Graham
related set.
2015-09-28Documented auth's login/logout function parameters.Tim Graham
2015-09-23Removed versionadded/changed annotations for 1.8.Tim Graham
2015-09-23Refs #23957 -- Required session verification per deprecation timeline.Tim Graham
2015-09-23Refs #21648 -- Removed is_admin_site option from password_reset() view.Tim Graham
Per deprecation timeline.
2015-09-22Refs #24115 -- Added docs for password updates on bcrypt rounds change.Tim Graham
2015-09-18Fixed #24944 -- Added extra_email_context parameter to password_reset() view.sujayskumar
2015-08-20Refs #24914 -- Added docs for more auth mixin methods.Tim Graham
2015-08-08Updated Wikipedia links to use httpsClaude Paroz
2015-08-05Fixed #25229 -- Clarified how an iterable works with @permission_requiredTim Graham
2015-08-04Fixed password_reset signature in docsAlasdair Nicol
2015-07-31Fixed #25202 -- Fixed typo in docs/topics/auth/customizing.txtTim Graham
2015-07-27Fixed #21127 -- Started deprecation toward requiring on_delete for ↵Flavio Curella
ForeignKey/OneToOneField
2015-07-27Fixed #25159 -- Removed brackets from class/function/method signatures in docs.Tim Graham
Thanks hellbeast for the initial patch.
2015-07-27Fixed #25142 -- Added PermissionRequiredMixin.has_permission() to allow ↵Akis Kesoglou
customization.