Matt Wright
|
db56ff74a9
|
Bump version number to 1.6.3
1.6.3
|
2013-05-08 12:29:48 -04:00 |
|
Matt Wright
|
e03efe0b34
|
Update CHANGES
|
2013-05-08 12:29:35 -04:00 |
|
Matt Wright
|
c587988a3a
|
Merge branch 'develop' of github.com:mattupstate/flask-security into develop
|
2013-05-03 12:14:14 -04:00 |
|
Matt Wright
|
f2d5245bd8
|
Import check to account for new version of MongoEngine
|
2013-05-03 12:13:58 -04:00 |
|
Matt Wright
|
97e1960abd
|
Merge pull request #112 from poundifdef/login_flash
Make flask-login respect SECURITY_FLASH_MESSAGES
|
2013-04-14 13:40:57 -07:00 |
|
Jay Goel
|
e749b77ca7
|
Make flask-login respect SECURITY_FLASH_MESSAGES
|
2013-04-14 16:37:23 -04:00 |
|
Matt Wright
|
6f3c163ee7
|
Merge pull request #111 from joshpurvis/issue110
Changed has_role to accept strings with mongoengine. Fixes #110
|
2013-04-14 10:05:34 -07:00 |
|
Josh Purvis
|
3b81ec57ea
|
Changed has_role to accept strings with mongoengine. Fixes #110
|
2013-04-13 15:11:56 -04:00 |
|
Matt Wright
|
38874433c7
|
Add tests for Peewee support
|
2013-04-04 18:09:55 -04:00 |
|
Matt Wright
|
4eda3e756f
|
PEP8 polish
|
2013-04-04 16:39:50 -04:00 |
|
Matt Wright
|
4815b1afed
|
Make find_user method for MongoEngineUserDatastore add contraints to query
|
2013-04-04 15:50:46 -04:00 |
|
Matt Wright
|
99ac732d10
|
Bump version number to 1.6.2
1.6.2
|
2013-04-04 10:24:03 -04:00 |
|
Matt Wright
|
e8b0c62818
|
Update CHANGES and a little polish
|
2013-04-04 10:23:51 -04:00 |
|
Matt Wright
|
1108f1670c
|
Merge pull request #104 from rodcloutier/http_auth_fix
Fixed http_auth when authorization is not provided in header
|
2013-04-04 07:21:27 -07:00 |
|
Rodrigue Cloutier
|
3575a2df18
|
Fixed http_auth when authorization is not provided in header
|
2013-04-03 21:29:04 -04:00 |
|
Matt Wright
|
c84c485493
|
Bump version number to 1.6.1
1.6.1
|
2013-04-03 11:07:36 -04:00 |
|
Matt Wright
|
8298ac461e
|
Update CHANGES
|
2013-04-03 11:07:16 -04:00 |
|
Matt Wright
|
105d04768e
|
Merge pull request #103 from immon/issue94
sending signals fixed
|
2013-04-03 08:04:49 -07:00 |
|
Paweł Krześniak
|
f1cca43d9c
|
sending signals fixed
|
2013-04-03 12:36:53 +02:00 |
|
Matt Wright
|
e8352fa265
|
Merge pull request #102 from andrewcamenga/develop
corrected link for Flask-WTF
|
2013-03-29 08:53:38 -07:00 |
|
Andrew J. Camenga
|
37d84ddd73
|
corrected link for Flask-WTF
|
2013-03-29 08:37:51 -04:00 |
|
Matt Wright
|
6f9869e9c2
|
import auth_required into top level package
|
2013-03-27 17:20:31 -04:00 |
|
Matt Wright
|
abc061ba46
|
Change .travis.yml
|
2013-03-19 14:11:23 -04:00 |
|
Matt Wright
|
95c80e5677
|
See if pypy works
|
2013-03-19 13:28:42 -04:00 |
|
Matt Wright
|
ba1758e5c7
|
Bump version number to 1.6.0
1.6.0
|
2013-03-13 14:06:34 -04:00 |
|
Matt Wright
|
36198c1993
|
Update CHANGE
|
2013-03-13 14:06:08 -04:00 |
|
Matt Wright
|
8708fd8514
|
Update form messaging to be more flexible. Fixes #80
|
2013-03-13 13:40:35 -04:00 |
|
Matt Wright
|
44a320ee74
|
Fix a failling test
|
2013-03-13 12:28:26 -04:00 |
|
Matt Wright
|
520b8ecef4
|
Show an invalid confirmation token message if a user attempts to confirm their account after it has been deleted. Fixes #93
|
2013-03-13 12:27:26 -04:00 |
|
Matt Wright
|
34aa43ead3
|
Merge pull request #100 from chrishaines/develop
Make subdomain configurable
|
2013-03-13 09:10:16 -07:00 |
|
Matt Wright
|
8ecc3b9a78
|
Add user to request context for http basic and token auth
|
2013-03-13 12:09:28 -04:00 |
|
Chris Haines
|
c0d1d0566f
|
Make subdomain configurable
|
2013-03-13 00:13:54 -04:00 |
|
Matt Wright
|
2e01cab3f8
|
polish
|
2013-03-07 15:38:41 -05:00 |
|
Matt Wright
|
bbe99b5436
|
Fixes #98
|
2013-03-07 15:38:34 -05:00 |
|
Matt Wright
|
246ab41479
|
Merge pull request #96 from invernizzi/develop
NextFormMixin security bug fixed: open redirect
|
2013-03-05 13:58:08 -08:00 |
|
Luca Invernizzi
|
48dd3fa5bf
|
NextFormMixin security bug fixed: open redirect
NextFormMixin was missing validations check on redirection [1]. Only internal redirections
are now allowed.
Attack Example: http://127.0.0.1:5000/login?next=http://google.com (it should not redirect to google.com)
wq
[1] https://www.owasp.org/index.php/Top_10_2010-A10-Unvalidated_Redirects_and_Forwards
|
2013-03-05 21:20:45 +00:00 |
|
Matt Wright
|
7db5fe32a8
|
Turn on testing flag for test app
|
2013-03-04 14:57:29 -05:00 |
|
Matt Wright
|
38a1dfa336
|
Merge pull request #85 from chrishaines/template_list
Template paths can be specified in config
|
2013-03-03 18:38:35 -08:00 |
|
Matt Wright
|
8b41b531a6
|
Merge pull request #91 from intonarumori/develop
added option to disable register email
|
2013-02-20 15:06:46 -08:00 |
|
rumori
|
4a048a4918
|
updated doc with new registration email option
|
2013-02-20 17:37:30 +01:00 |
|
rumori
|
ae64370478
|
added option to disable register email
|
2013-02-20 17:04:47 +01:00 |
|
Matt Wright
|
b03f355fae
|
Merge pull request #88 from andreev-artem/develop
Password should be encoded as 'utf-8' before creating hmac to support passwords with non-latin symbols
|
2013-02-03 12:12:04 -08:00 |
|
Artem Andreev
|
8085e0031e
|
Password should be encoded as 'utf-8' before creating hmac to support passwords with non-latin symbols
|
2013-02-03 22:14:32 +04:00 |
|
Chris Haines
|
dbc2dcc625
|
Removed flask-script as a dependency in setup.py
|
2013-02-01 19:43:13 -05:00 |
|
Chris Haines
|
ad6227006e
|
Fixed lack of newline in requirements.txt
|
2013-02-01 19:41:42 -05:00 |
|
Chris Haines
|
4f414cf70f
|
Merge branch 'develop' of git://github.com/mattupstate/flask-security into template_list
Conflicts:
requirements.txt
|
2013-02-01 19:40:01 -05:00 |
|
Matt Wright
|
adb2680289
|
Add change password endpoint
|
2013-02-01 18:21:43 -05:00 |
|
Matt Wright
|
f1f621d178
|
Merge pull request #78 from eskil/change_password_form
Change password form
|
2013-02-01 15:16:45 -08:00 |
|
Matt Wright
|
996e162d11
|
Merge pull request #70 from eskil/formsdocs
Clarify user model/register form interaction in docs.
|
2013-02-01 14:59:40 -08:00 |
|
Matt Wright
|
840f72a589
|
Merge pull request #82 from maebert/flask-peewee
Flask-Peewee support
|
2013-02-01 14:44:52 -08:00 |
|