summaryrefslogtreecommitdiff
path: root/tests/auth_tests
AgeCommit message (Collapse)Author
2018-07-02[2.1.x] Fixed #29449 -- Reverted "Fixed #28757 -- Allowed using contrib.auth ↵Tim Graham
forms without installing contrib.auth." This reverts commit 3333d935d2914cd80cf31f4803821ad5c0e2a51d due to a crash if USERNAME_FIELD isn't a CharField. Backport of f3fa86a89b3b85242f49b2b9acf58b5ea35acc1f from master
2018-05-16Fixed #8936 -- Added a view permission and a read-only admin.olivierdalang
Co-authored-by: Petr Dlouhy <petr.dlouhy@email.cz> Co-authored-by: Olivier Dalang <olivier.dalang@gmail.com>
2018-05-13Increased the default PBKDF2 iterations for Django 2.1.Tim Graham
2018-05-07Replaced django.test.utils.patch_logger() with assertLogs().Claude Paroz
Thanks Tim Graham for the review.
2018-04-19Fixed #29212 -- Doc'd redirect loop if @permission_required used with ↵Nick Pope
redirect_authenticated_user.
2018-04-04Added additional AdminPasswordChangeForm tests.Mads Jensen
2018-03-29Fixed #29270 -- Fixed UserChangeForm crash if password field is excluded.Malte Gerth
2018-03-28Fixed #29258 -- Added type checking for login()'s backend argument.Abeer Upadhyay
2018-03-22Fixed #28718 -- Allowed user to request a password reset if their password ↵Tim Graham
doesn't use an enabled hasher. Regression in aeb1389442d0f9669edf6660b747fd10693b63a7. Reverted changes to is_password_usable() from 703c266682be39f7153498ad0d8031231f12ee79 and documentation changes from 92f48680dbd2e02f2b33f6ad0e35b7d337889fb2.
2018-03-16Fixed hanging indentation in various code.Mariusz Felisiak
2018-03-15Fixed #29206 -- Fixed PasswordResetConfirmView crash when the URL contains a ↵Mattia Procopio
non-UUID where one is expected.
2018-03-02Fixed #29176 -- Fixed AbstractBaseUser.normalize_username() crash if ↵Christophe Mehay
username isn't a string.
2018-02-26Fixed #29161 -- Removed BCryptPasswordHasher from PASSWORD_HASHERS.Tim Graham
2018-02-21Fixed #29132 -- Avoided connecting update_last_login() handler if ↵Mikhail Porokhovnichenko
User.last_login isn't a field.
2018-02-16Fixed #28379 -- Made AccessMixin raise Permissiondenied for authenticated users.Dylan Verheul
2018-02-07Refs #27795 -- Removed force_bytes/text() usage in tests.Tim Graham
2018-02-01Fixed CVE-2018-6188 -- Fixed information leakage in AuthenticationForm.Tim Graham
Reverted 359370a8b8ca0efe99b1d4630b291ec060b69225 (refs #28645). This is a security fix.
2018-01-05Fixed #28757 -- Allowed using contrib.auth forms without installing ↵shanghui
contrib.auth. Also fixed #28608 -- Allowed UserCreationForm and UserChangeForm to work with custom user models. Thanks Sagar Chalise and Rômulo Collopy for reports, and Tim Graham and Tim Martin for reviews.
2018-01-03Fixed #28982 -- Simplified code with and/or.Дилян Палаузов
2018-01-03Fixed #28984 -- Made assorted code simplifications.Tim Graham
2018-01-02Fixed #28902 -- Fixed password_validators_help_text_html() double escaping.Alvin Lindstam
2017-11-08Fixed #28645 -- Reallowed AuthenticationForm to raise the inactive user ↵shanghui
error when using ModelBackend. Regression in e0a3d937309a82b8beea8f41b17d8b6298da2a86. Thanks Guilherme Junqueira for the report and Tim Graham for the review.
2017-11-06Fixed #28776 -- Fixed a/an/and typos in docs and comments.Дилян Палаузов
2017-11-03Fixed #28571 -- Added a prompt to bypass password validation in createsuperuser.Tom
2017-11-03Improved technique for matching input prompts in contrib.auth management tests.Tim Graham
2017-10-23Fixed #28706 -- Moved AuthenticationFormn invalid login ValidationError to a ↵Jon Dufresne
method for reuse.
2017-10-20Fixed #27515 -- Made AuthenticationForm's username field use the max_length ↵Lucas Connors
from the model field. Thanks Ramin Farajpour Cami for the report.
2017-10-20Refs #19130 -- Added a test for AuthenticationForm.username max_length.Lucas Connors
This will be a more useful regression test after refs #27515.
2017-10-14Fixed #28713 -- Prevented ModelBackend.get_all_permissions() from mutating ↵Yuri Kaszubowski Lopes
get_user_permissions().
2017-10-09Fixed #28591 -- Added an error message for createsuperuser --username= (blank).Hasan Ramezani
2017-09-29Completed test coverage for BasePasswordHasher.Mads Jensen
2017-09-29Moved BasePasswordHasher tests to its own test case.Mads Jensen
2017-09-28Completed test coverage for AnonymousUser.Mads Jensen
2017-09-28Moved AnonymousUser tests to its own test case.Mads Jensen
2017-09-26Added a test for PermWrapper.__iter__().Mads Jensen
2017-09-25Reverted "Fixed #28248 -- Fixed password reset tokens being valid for 1 day ↵Tim Graham
longer than PASSWORD_RESET_TIMEOUT_DAYS." This reverts commit 95993a89ce6ca5f5e26b1c22b65c57dcb8c005e9.
2017-09-22Refs #25187 -- Required the authenticate() method of authentication backends ↵Tim Graham
to have request as the first positional argument. Per deprecation timeline.
2017-09-22Refs #26929 -- Removed extra_context parameter of ↵Tim Graham
contrib.auth.views.logout_then_login(). Per deprecation timeline.
2017-09-22Refs #17209 -- Removed login/logout and password reset/change function-based ↵Tim Graham
views. Per deprecation timeline.
2017-09-09Fixed some comments referring to a nonexistent TestClient class.Luoxzhg
2017-09-03Fixed #28550 -- Restored contrib.auth's login() and logout() views' respect ↵ZachLiuGIS
of positional arguments. Regression in 78963495d0caadb77eb97ccf319ef0ba3b204fb5. Forwardport of f8e0557b01ebbb11478cfb012c4cafc67f1213c1 from stable/1.11.x
2017-09-01Fixed test in auth_tests modifying data from setUpTestData().François Freitag
2017-08-24Fixed #28513 -- Added POST request support to LogoutView.hui shang
2017-07-29Used assertRaisesMessage() to test Django's error messages.Mads Jensen
2017-06-21Fixed #28127 -- Allowed UserCreationForm's password validation to check all ↵Andrew Pinkham
user fields.
2017-06-16Fixed #27787 -- Made call_command() validate the options it receives.Chandrakant Kumar
2017-06-13Fixed #28229 -- Fixed the value of LoginView's "next" template variable.Mikhail Golubev
2017-06-01Refs #23968 -- Removed unnecessary lists, generators, and tuple calls.Jon Dufresne
2017-05-29Fixed #26823 -- Prevented update_last_login signal receiver from crashing if ↵Linus Lewandowski
User model doesn't have last_login field.
2017-05-29Fixed #28248 -- Fixed password reset tokens being valid for 1 day longer ↵Nick Zaccardi
than PASSWORD_RESET_TIMEOUT_DAYS.