Matt Wright
cd8982fa65
Merge pull request #342 from alexef/patch-1
...
Fail silently for get_user(None)
2015-05-02 13:30:01 -04:00
Matt Wright
c8a3549e2d
Merge pull request #331 from Diaoul/patch-2
...
Fix ActivateUserCommand docstring
2015-05-02 13:29:21 -04:00
Matt Wright
03d9cf2f0d
Merge pull request #330 from Diaoul/patch-1
...
Fix RemoveRoleCommand docstring
2015-05-02 13:29:07 -04:00
Matt Wright
e4d9d3ad17
Merge pull request #322 from waltaskew/develop
...
Add configuration for token expiration
2015-05-02 13:27:11 -04:00
Matt Wright
f2a5e4b614
Normalize import paths. Fixes #313
2015-05-02 13:25:26 -04:00
Matt Wright
916f5ee012
Use StringField instead of TextField. Fixes #312
2015-05-02 13:05:46 -04:00
Matt Wright
bc1f5dd7f9
Stricter tests for signals and a small docs update. Fixes #308
2015-05-02 12:59:02 -04:00
Matt Wright
4659d10c5c
forgot password endpoint should be for anonymous users only. Fixes #291
2015-05-02 12:11:05 -04:00
Alex Eftimie
7e4fc94601
Fail silently for get_user(None)
...
get_user(identifier) checks if the identifier is a number by trying to convert it to int. This works for strings, but in a particular case, when identifier is None, it fails. Checking for both TypeError and ValueError fixes it.
2014-11-19 14:11:58 +02:00
Antoine Bertin
6cfe662dc6
Fix ActivateUserCommand docstring
2014-10-21 11:26:17 +02:00
Antoine Bertin
8c45271bf9
Fix RemoveRoleCommand docstring
2014-10-21 10:27:17 +02:00
Matt Wright
94c7c09dc2
Bump version number to 1.7.4
2014-10-13 13:38:44 -04:00
Matt Wright
2cffb6634d
Fix case sensitivity when searching for users by email address. Fixes #323 .
2014-10-13 13:34:11 -04:00
Matt Wright
824a52b883
Merge branch 'develop' of github.com:mattupstate/flask-security into develop
2014-10-13 13:25:08 -04:00
Matt Wright
fe7e4c4afc
Add additional steps to the test_change_hash_type and make change to verify_and_update_password to make the test pass. Fixes #328 .
2014-10-13 13:25:01 -04:00
waltaskew
897b2fceab
Add configuration for token expiration
2014-10-01 15:59:28 -04:00
Nick Greenfield
5bc37add88
Update to use (url_next.netloc or url_next.scheme) in the validate_redirect_url open redirect patch.
2014-10-01 09:49:00 -07:00
Nick Greenfield
8b036f2a3e
Prevent open redirects when a malformed URL is passed to ?next=
...
Example: "/login?next=http:///google.com " (note 3rd slash)
2014-09-26 11:08:58 -07:00
Matt Wright
679cee7969
Add default/global context processor. Fixes #306
2014-09-17 11:27:44 -04:00
Matt Wright
3d7b97ac31
Forgot password form should not validate if user has not confirmed their email address yet. Fixes #298
2014-09-17 11:21:31 -04:00
Matt Wright
37908ca335
Merge pull request #303 from graup/patch-1
...
Docs: Fixed typo and made punctuation more consistent.
2014-09-17 10:02:16 -04:00
Matt Wright
d2fe7aefcb
Merge pull request #307 from mickey06/develop
...
Save changes to db after removal of role from user
2014-08-29 12:19:26 -04:00
Greg Einfrank
2aeee348d4
Fix two typos in docstrings
2014-08-27 23:37:58 -04:00
Khalil El Kouhen
52b177cd2e
Save changes to db after removal of role from user
2014-08-26 16:43:23 +01:00
Paul Grau
dab2fc8c8b
Docs: Fixed typo and made punctuation more consistent.
2014-08-19 18:01:03 +09:00
Matt Wright
31e3ab5470
Merge pull request #289 from scollinson/fix_menu_typo
...
Fix a typo in the menu template
2014-08-13 15:44:20 -04:00
Sam Collinson
1076887900
fix typo in menu template
2014-07-21 19:07:12 +12:00
Mathijs de Bruin
15c9ef1d07
Attempt to fix tests.
2014-07-03 15:48:55 +02:00
Mathijs de Bruin
d1ec38ea18
Keep value of ‘next’ in menu links.
...
This allows moving from the login to registration (and vice versa) while keeping the redirection URL, enabling a much smoother user experience.
2014-07-03 15:22:56 +02:00
Mathijs de Bruin
577a3a8110
Enable ‘next’ redirection after registration.
2014-07-03 15:21:03 +02:00
Matt Wright
7b474efd7a
Bump version number to 1.7.3
2014-06-10 13:05:24 -04:00
Matt Wright
f12bc17e7e
Merge branch 'develop'
2014-06-10 13:05:12 -04:00
Matt Wright
76cf3eaf6a
Do not expose user info in /reset responses. Fixes #249
2014-06-10 12:24:19 -04:00
Matt Wright
a6b5d3053c
Use safe_str_cmp when evaluating tokens. Fixes #252
2014-06-10 12:14:58 -04:00
Matt Wright
0a48997fdd
Improve encoding of strings. Addresses #231 and #253
2014-06-10 11:47:35 -04:00
Matt Wright
96f1b3e0d1
Fix tests to pass python 3
2014-06-10 11:12:40 -04:00
Matt Wright
0facdaacd9
Make validate_redirect_url smarter. Fixes #261 .
2014-06-10 10:48:56 -04:00
Matt Wright
f387759cee
Bump version number to 1.7.2
2014-05-06 14:05:27 -04:00
Matt Wright
3d5b37cef2
Polish for static analysis
2014-05-06 13:14:25 -04:00
Matt Wright
58b7fa8e2e
Check X-Forwarded-For header value when tracking IP addresses. Fixes #234
2014-05-06 12:35:50 -04:00
Matt Wright
fff71e3e04
Polish
2014-05-06 07:57:00 -04:00
Matt Wright
510d1356a2
A bunch of adjustments to satisfy existing tests and even some new ones
2014-03-14 15:26:53 -04:00
Matt Wright
f3014d01df
Convert all tests to use pytest. Phew!
2014-03-13 18:28:25 -04:00
Matt Wright
ed645b51f2
Fix confirmation endpoint to flash an "already confirmed" message if user attempts to confirm after already being confirmed
2014-03-13 17:18:39 -04:00
Matt Wright
bc60c021a3
Fix password_changed signal to behave like the other signals. Fixes #222
2014-03-13 09:35:54 -04:00
Ahti Kitsik
1395df334e
Changing verify_password so it works like verify_and_update_password. Currently verify_password was not only creating a hmac hash but also encrypting (encrypt_password is first hmac-signing and then encrypting).
...
Removed unneccessary and wrong tests.
2014-02-20 16:46:49 +02:00
Anton Barkovsky
09f6f64e5b
Make logout view do nothing if the user is already logged out
2014-02-04 16:51:00 +03:00
Bruno Rocha
922a038d28
Merge https://github.com/mattupstate/flask-security into develop
2014-01-24 14:06:03 -02:00
Matt Wright
668b4ee651
Merge branch 'develop' of github.com:mattupstate/flask-security into develop
2014-01-24 10:32:09 -05:00
Matt Wright
f854c24094
Merge pull request #205 from HereLabsInc/catch_decoding_errors
...
catch possible TypeError and ValueError from serializer
2014-01-24 07:31:51 -08:00