diff --git a/CHANGES b/CHANGES
index 7cf2674..9d0125b 100644
--- a/CHANGES
+++ b/CHANGES
@@ -7,8 +7,10 @@ Here you can see the full list of changes between each Flask-Security release.
Version 1.6.4
-------------
-Not yet released
+Released June 18th 2013
+- Added `SECURITY_DEFAULT_REMEMBER_ME` configuration value to unify behavior between endpoints
+- Fixed Flask-Login dependency problem
- Added optional `next` parameter to registration endpoint, similar to that of login
diff --git a/flask_security/core.py b/flask_security/core.py
index aa32324..be736a0 100644
--- a/flask_security/core.py
+++ b/flask_security/core.py
@@ -10,8 +10,8 @@
"""
from flask import current_app
-from flask.ext.login import AnonymousUser as AnonymousUserBase, \
- UserMixin as BaseUserMixin, LoginManager, current_user
+from flask.ext.login import AnonymousUserMixin, UserMixin as BaseUserMixin, \
+ LoginManager, current_user
from flask.ext.principal import Principal, RoleNeed, UserNeed, Identity, \
identity_loaded
from itsdangerous import URLSafeTimedSerializer
@@ -76,6 +76,7 @@ _default_config = {
'LOGIN_SALT': 'login-salt',
'CHANGE_SALT': 'change-salt',
'REMEMBER_SALT': 'remember-salt',
+ 'DEFAULT_REMEMBER_ME': False,
'DEFAULT_HTTP_AUTH_REALM': 'Login Required',
'EMAIL_SUBJECT_REGISTER': 'Welcome',
'EMAIL_SUBJECT_CONFIRM': 'Please confirm your email',
@@ -153,8 +154,7 @@ def _token_loader(token):
return user
except:
pass
-
- return None
+ return AnonymousUser()
def _identity_loader():
@@ -272,11 +272,10 @@ class UserMixin(BaseUserMixin):
return role in self.roles
-class AnonymousUser(AnonymousUserBase):
+class AnonymousUser(AnonymousUserMixin):
"""AnonymousUser definition"""
def __init__(self):
- super(AnonymousUser, self).__init__()
self.roles = ImmutableList()
def has_role(self, *args):
diff --git a/flask_security/utils.py b/flask_security/utils.py
index 6fa29dd..9258a76 100644
--- a/flask_security/utils.py
+++ b/flask_security/utils.py
@@ -38,9 +38,12 @@ _datastore = LocalProxy(lambda: _security.datastore)
_pwd_context = LocalProxy(lambda: _security.pwd_context)
-def login_user(user, remember=True):
+def login_user(user, remember=None):
"""Performs the login and sends the appropriate signal."""
+ if remember is None:
+ remember = config_value('DEFAULT_REMEMBER_ME')
+
if not _login_user(user, remember):
return False
diff --git a/flask_security/views.py b/flask_security/views.py
index 89c5342..dc25c46 100644
--- a/flask_security/views.py
+++ b/flask_security/views.py
@@ -170,7 +170,7 @@ def token_login(token):
if invalid or expired:
return redirect(url_for('login'))
- login_user(user, True)
+ login_user(user)
after_this_request(_commit)
do_flash(*get_message('PASSWORDLESS_LOGIN_SUCCESSFUL'))
@@ -218,7 +218,7 @@ def confirm_email(token):
url_for('send_confirmation'))
confirm_user(user)
- login_user(user, True)
+ login_user(user)
after_this_request(_commit)
do_flash(*get_message('EMAIL_CONFIRMED'))
@@ -269,7 +269,7 @@ def reset_password(token):
after_this_request(_commit)
update_password(user, form.password.data)
do_flash(*get_message('PASSWORD_RESET'))
- login_user(user, True)
+ login_user(user)
return redirect(get_url(_security.post_reset_view) or
get_url(_security.post_login_view))
diff --git a/setup.py b/setup.py
index e0fbbf7..2da51f9 100644
--- a/setup.py
+++ b/setup.py
@@ -20,7 +20,7 @@ from setuptools import setup
setup(
name='Flask-Security',
- version='1.6.3',
+ version='1.6.4',
url='https://github.com/mattupstate/flask-security',
license='MIT',
author='Matt Wright',
@@ -35,10 +35,10 @@ setup(
platforms='any',
install_requires=[
'Flask>=0.9',
- 'Flask-Login>=0.1.3',
- 'Flask-Mail>=0.7.3',
- 'Flask-Principal>=0.3.3',
- 'Flask-WTF>=0.8',
+ 'Flask-Login==0.2.3',
+ 'Flask-Mail==0.7.3',
+ 'Flask-Principal==0.3.3',
+ 'Flask-WTF==0.8',
'itsdangerous>=0.17',
'passlib>=1.6.1',
],
diff --git a/tests/functional_tests.py b/tests/functional_tests.py
index c808d6f..a23ff64 100644
--- a/tests/functional_tests.py
+++ b/tests/functional_tests.py
@@ -60,7 +60,7 @@ class DefaultSecurityTests(SecurityTest):
def test_unauthorized_access(self):
r = self._get('/profile', follow_redirects=True)
- self.assertIn('Please log in to access this page.', r.data)
+ self.assertIn('Please log in to access this page.', r.data)
def test_authorized_access(self):
self.authenticate()
diff --git a/tests/signals_tests.py b/tests/signals_tests.py
index 386f05d..ff045cb 100644
--- a/tests/signals_tests.py
+++ b/tests/signals_tests.py
@@ -15,7 +15,14 @@ def compare_user(a, b):
return a.id == b.id and a.email == b.email and a.password == b.password
-class RegisterableSignalsTests(SecurityTest):
+class SignalTest(SecurityTest):
+
+ def _create_app(self, auth_config, **kwargs):
+ from tests.test_app.mongoengine import create_app
+ return create_app(auth_config, **kwargs)
+
+
+class RegisterableSignalsTests(SignalTest):
AUTH_CONFIG = {
'SECURITY_CONFIRMABLE': True,
@@ -42,7 +49,7 @@ class RegisterableSignalsTests(SecurityTest):
self.assertEqual(mocks.signals_sent(), set())
-class ConfirmableSignalsTests(SecurityTest):
+class ConfirmableSignalsTests(SignalTest):
AUTH_CONFIG = {
'SECURITY_CONFIRMABLE': True,
@@ -103,7 +110,7 @@ class ConfirmableSignalsTests(SecurityTest):
self.assertEqual(mocks.signals_sent(), set())
-class RecoverableSignalsTests(SecurityTest):
+class RecoverableSignalsTests(SignalTest):
AUTH_CONFIG = {
'SECURITY_RECOVERABLE': True,
@@ -153,7 +160,7 @@ class RecoverableSignalsTests(SecurityTest):
self.assertEqual(mocks.signals_sent(), set())
-class ChangeableSignalsTests(SecurityTest):
+class ChangeableSignalsTests(SignalTest):
AUTH_CONFIG = {
'SECURITY_CHANGEABLE': True,
@@ -204,7 +211,7 @@ class ChangeableSignalsTests(SecurityTest):
self.assertEqual(mocks.signals_sent(), set())
-class PasswordlessTests(SecurityTest):
+class PasswordlessTests(SignalTest):
AUTH_CONFIG = {
'SECURITY_PASSWORDLESS': True