| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2022-07-23 | Refs #33691 -- Deprecated insecure password hashers. | Claude Paroz | |
| SHA1PasswordHasher, UnsaltedSHA1PasswordHasher, and UnsaltedMD5PasswordHasher are now deprecated. | |||
| 2022-06-03 | Fixed #33764 -- Deprecated BaseUserManager.make_random_password(). | Ciaran McCormick | |
| 2022-05-31 | Fixed docs build with sphinxcontrib-spelling 7.5.0+. | Mariusz Felisiak | |
| sphinxcontrib-spelling 7.5.0+ includes captions of figures in the set of nodes for which the text is checked. | |||
| 2022-05-17 | Removed versionadded/changed annotations for 4.0. | Carlton Gibson | |
| 2022-05-11 | Fixed #33691 -- Deprecated django.contrib.auth.hashers.CryptPasswordHasher. | Mariusz Felisiak | |
| 2022-04-28 | Removed hyphen from pre-/re- prefixes. | David | |
| "prepopulate", "preload", and "preprocessing" are already in the spelling_wordlist. This also removes hyphen from double "e" combinations with "pre" and "re", e.g. preexisting, preempt, reestablish, or reenter. See also: - https://ahdictionary.com/word/search.html?q=rerun - https://ahdictionary.com/word/search.html?q=recreate - https://ahdictionary.com/word/search.html?q=predetermined - https://ahdictionary.com/word/search.html?q=reuse - https://ahdictionary.com/word/search.html?q=reopening | |||
| 2022-04-01 | Fixed #33613 -- Made createsuperuser detect uniqueness of USERNAME_FIELD ↵ | Lucidiot | |
| when using Meta.constraints. | |||
| 2022-03-29 | Fixed #15619 -- Deprecated log out via GET requests. | René Fleschenberg | |
| Thanks Florian Apolloner for the implementation idea. Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com> | |||
| 2022-02-01 | Fixed #30360 -- Added support for secret key rotation. | tschilling | |
| Thanks Florian Apolloner for the implementation idea. Co-authored-by: Andreas Pelme <andreas@pelme.se> Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es> Co-authored-by: Vuyisile Ndlovu <terrameijar@gmail.com> | |||
| 2022-01-17 | Fixed #33443 -- Clarified when PasswordResetView sends an email. | Brad Solomon | |
| 2022-01-13 | Clarified how contrib.auth picks a password hasher for verification. | Adam Johnson | |
| 2022-01-05 | Fixed malformed attribute directives in docs. | David | |
| 2022-01-04 | Fixed CVE-2021-45115 -- Prevented DoS vector in ↵ | Florian Apolloner | |
| UserAttributeSimilarityValidator. Thanks Chris Bailey for the report. Co-authored-by: Adam Johnson <me@adamj.eu> | |||
| 2021-12-28 | Avoided counting attributes and methods in docs. | Mariusz Felisiak | |
| 2021-12-17 | Changed signatures of setting_changed signal receivers. | Adam Johnson | |
| 2021-12-13 | Improved wording in password validators docs and docstrings. | Adam Johnson | |
| 2021-10-19 | Refs #33207 -- Clarified that AUTH_USER_MODEL expects an app label. | Mariusz Felisiak | |
| 2021-09-20 | Removed versionadded/changed annotations for 3.2. | Mariusz Felisiak | |
| 2021-08-17 | Fixed #32964 -- Corrected 'setup'/'set up' usage in docs. | Andrew Northall | |
| 2021-07-29 | Fixed 32956 -- Lowercased spelling of "web" and "web framework" where ↵ | David Smith | |
| appropriate. | |||
| 2021-07-22 | Fixed #32275 -- Added scrypt password hasher. | ryowright | |
| Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com> | |||
| 2021-05-20 | Clarified docs about increasing the work factor for bcrypt hasher. | yyyyyyyan | |
| 2021-05-17 | Refs #32720 -- Updated various links in docs to avoid redirects and use HTTPS. | Nick Pope | |
| 2021-02-08 | Fixed #28216 -- Added next_page/get_default_redirect_url() to LoginView. | ThinkChaos | |
| 2021-02-08 | Used .. attribute:: directive in authentication views docs. | Mariusz Felisiak | |
| 2021-01-14 | Removed versionadded/changed annotations for 3.1. | Mariusz Felisiak | |
| 2021-01-14 | Fixed #31358 -- Increased salt entropy of password hashers. | Jon Moroney | |
| Co-authored-by: Florian Apolloner <florian@apolloner.eu> | |||
| 2020-12-03 | Fixed #32235 -- Made ReadOnlyPasswordHashField disabled by default. | Timo Ludwig | |
| 2020-08-11 | Added note about password updates on argon2 attributes change. | Roy Zheng | |
| 2020-05-13 | Used :mimetype: role in various docs. | Nick Pope | |
| 2020-05-13 | Removed versionadded/changed annotations for 3.0. | Mariusz Felisiak | |
| 2020-04-29 | Refs #27468 -- Made user sessions use SHA-256 algorithm. | Mariusz Felisiak | |
| 2020-04-28 | Changed django.forms.ValidationError imports to ↵ | François Freitag | |
| django.core.exceptions.ValidationError. Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com> | |||
| 2020-04-27 | Fixed #31505 -- Doc'd possible email addresses enumeration in PasswordResetView. | Mariusz Felisiak | |
| 2020-04-24 | Doc'd PasswordChangeView/PasswordResetView.success_url defaults. | Tanmay Vijay | |
| 2020-04-07 | Fixed Sphinx warnings on duplicate object descriptions. | Mariusz Felisiak | |
| 2020-03-31 | Fixed #31375 -- Made contrib.auth.hashers.make_password() accept only bytes ↵ | Hasan Ramezani | |
| or strings. | |||
| 2020-02-19 | Fixed #30040 -- Used default permission name in docs examples to avoid ↵ | Hasan Ramezani | |
| confusion. | |||
| 2019-11-08 | Fixed #30948 -- Changed packaging to use declarative config in setup.cfg. | Jon Dufresne | |
| Co-authored-by: Nick Pope <nick.pope@flightdataservices.com> | |||
| 2019-09-10 | Removed versionadded/changed annotations for 2.2. | Mariusz Felisiak | |
| 2019-09-06 | Fixed #30573 -- Rephrased documentation to avoid words that minimise the ↵ | Tobias Kunze | |
| involved difficulty. This patch does not remove all occurrences of the words in question. Rather, I went through all of the occurrences of the words listed below, and judged if they a) suggested the reader had some kind of knowledge/experience, and b) if they added anything of value (including tone of voice, etc). I left most of the words alone. I looked at the following words: - simply/simple - easy/easier/easiest - obvious - just - merely - straightforward - ridiculous Thanks to Carlton Gibson for guidance on how to approach this issue, and to Tim Bell for providing the idea. But the enormous lion's share of thanks go to Adam Johnson for his patient and helpful review. | |||
| 2019-08-29 | Fixed #18763 -- Added ModelBackend/UserManager.with_perm() methods. | Berker Peksag | |
| Co-authored-by: Nick Pope <nick.pope@flightdataservices.com> | |||
| 2019-08-29 | Removed unneeded * markers from parameter names. | Carlton Gibson | |
| 2019-08-29 | Fixed #30066 -- Enabled super user creation without email and password | daniel a rios | |
| 2019-08-26 | Fixed #29019 -- Added ManyToManyField support to REQUIRED_FIELDS. | Hasan Ramezani | |
| 2019-07-08 | Fixed #30620 -- Made an example of admin-compliant custom user app pep8 ↵ | Nuno | |
| compliant. | |||
| 2019-07-04 | Fixed #28667 -- Clarified how to override list of forms fields for custom ↵ | swatantra | |
| UserAdmin with a custom user model. | |||
| 2019-06-20 | Removed unnecessary backslashes from docs. | Mariusz Felisiak | |
| 2019-06-05 | Refs #30226 -- Added User.get_user_permissions() method. | Tobias Bengfort | |
| Added to mirror the existing User.get_group_permissions(). | |||
| 2019-06-05 | Fixed #30226 -- Added BaseBackend for authentication. | Tobias Bengfort | |
