From f4d758f5618a89fc74baed5cdd6273b8e30ea62a Mon Sep 17 00:00:00 2001 From: Deniz Dogan Date: Sun, 21 Dec 2014 15:20:48 +0100 Subject: [PATCH 1/3] Add documentation about SECURITY_MSG configuration variables. --- docs/configuration.rst | 41 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) diff --git a/docs/configuration.rst b/docs/configuration.rst index 018d4ae..5227e12 100644 --- a/docs/configuration.rst +++ b/docs/configuration.rst @@ -261,3 +261,44 @@ Miscellaneous me" value used when logging in a user. Defaults to ``False``. ============================================= ================================== + +Messages +------------- + +The following are the messages Flask-Security uses. They are tuples; the first +element is the message and the second element is the error level. + +The default messages and error levels can be found in ``core.py``. + +* ``SECURITY_MSG_ALREADY_CONFIRMED`` +* ``SECURITY_MSG_CONFIRMATION_EXPIRED`` +* ``SECURITY_MSG_CONFIRMATION_REQUEST`` +* ``SECURITY_MSG_CONFIRMATION_REQUIRED`` +* ``SECURITY_MSG_CONFIRM_REGISTRATION`` +* ``SECURITY_MSG_DISABLED_ACCOUNT`` +* ``SECURITY_MSG_EMAIL_ALREADY_ASSOCIATED`` +* ``SECURITY_MSG_EMAIL_CONFIRMED`` +* ``SECURITY_MSG_EMAIL_NOT_PROVIDED`` +* ``SECURITY_MSG_INVALID_CONFIRMATION_TOKEN`` +* ``SECURITY_MSG_INVALID_EMAIL_ADDRESS`` +* ``SECURITY_MSG_INVALID_LOGIN_TOKEN`` +* ``SECURITY_MSG_INVALID_PASSWORD`` +* ``SECURITY_MSG_INVALID_REDIRECT`` +* ``SECURITY_MSG_INVALID_RESET_PASSWORD_TOKEN`` +* ``SECURITY_MSG_LOGIN`` +* ``SECURITY_MSG_LOGIN_EMAIL_SENT`` +* ``SECURITY_MSG_LOGIN_EXPIRED`` +* ``SECURITY_MSG_PASSWORDLESS_LOGIN_SUCCESSFUL`` +* ``SECURITY_MSG_PASSWORD_CHANGE`` +* ``SECURITY_MSG_PASSWORD_INVALID_LENGTH`` +* ``SECURITY_MSG_PASSWORD_IS_THE_SAME`` +* ``SECURITY_MSG_PASSWORD_MISMATCH`` +* ``SECURITY_MSG_PASSWORD_NOT_PROVIDED`` +* ``SECURITY_MSG_PASSWORD_NOT_SET`` +* ``SECURITY_MSG_PASSWORD_RESET`` +* ``SECURITY_MSG_PASSWORD_RESET_EXPIRED`` +* ``SECURITY_MSG_PASSWORD_RESET_REQUEST`` +* ``SECURITY_MSG_REFRESH`` +* ``SECURITY_MSG_RETYPE_PASSWORD_MISMATCH`` +* ``SECURITY_MSG_UNAUTHORIZED`` +* ``SECURITY_MSG_USER_DOES_NOT_EXIST`` From fccaccd282ad63ea99a0927973b1785e6e1822d5 Mon Sep 17 00:00:00 2001 From: Jeff Widman Date: Mon, 2 Feb 2015 23:34:52 -0800 Subject: [PATCH 2/3] "overrided" --> "overriden" Per http://english.stackexchange.com/questions/75786/overrode-vs-overridden --- docs/features.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/features.rst b/docs/features.rst index bc1e5d2..9759655 100644 --- a/docs/features.rst +++ b/docs/features.rst @@ -89,7 +89,7 @@ User Registration Flask-Security comes packaged with a basic user registration view. This view is very simple and new users need only supply an email address and their password. -This view can be overrided if your registration process requires more fields. +This view can be overridden if your registration process requires more fields. Login Tracking From 4debc8d1028484fe9fddd21d67ce7fff20e8eb40 Mon Sep 17 00:00:00 2001 From: Derek Rushing Date: Wed, 18 Feb 2015 10:20:22 -0600 Subject: [PATCH 3/3] Modified check_token function to account for multiple objects being posted via JSON. Resolves issue with it throwing an error when it encounters a list instead of a dict type. --- flask_security/decorators.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/flask_security/decorators.py b/flask_security/decorators.py index 3363fc5..34c3f7d 100644 --- a/flask_security/decorators.py +++ b/flask_security/decorators.py @@ -52,7 +52,8 @@ def _check_token(): header_token = request.headers.get(header_key, None) token = request.args.get(args_key, header_token) if request.get_json(silent=True): - token = request.json.get(args_key, token) + if not isinstance(request.json, list): + token = request.json.get(args_key, token) user = _security.login_manager.token_callback(token)