Valentin Deniaud
8e6a95b6ce
attributes_ng: restore setting superuser flag ( #71855 )
2022-11-29 18:55:27 +01:00
Valentin Deniaud
5f0c03e32f
a2_rbac: move role attributes to real model fields ( #69895 )
2022-11-29 14:05:38 +01:00
Paul Marillonnet
34215788c5
custom_user: add phone and phone verification fields ( #65173 )
2022-10-19 15:50:11 +02:00
Corentin Sechet
8e15762cd5
misc: validate password strength ( #63830 )
2022-08-31 14:39:47 +02:00
Valentin Deniaud
bf400ae52b
misc: remove dead authenticators code ( #66853 )
2022-08-16 11:28:22 +02:00
Valentin Deniaud
8b09b2c820
authenticators: remove orphan settings with login password migration ( #65707 )
2022-07-18 11:04:45 +02:00
Paul Marillonnet
2c58c32a1a
discard deprecated unicode-aware i18n utils ( #64305 )
2022-05-13 09:49:23 +02:00
Paul Marillonnet
a3d438d37f
settings: remove profile management feature flag ( #62486 )
2022-04-01 10:35:55 +02:00
Paul Marillonnet
a5cf47ecfb
idp_oidc: make user info depend on profile choice during authz ( #58556 )
2022-03-04 13:43:42 +01:00
Valentin Deniaud
f24096f8b8
misc: concatenate strings when possible ( #56007 )
2021-08-10 11:02:45 +02:00
Valentin Deniaud
7bc0fcadff
misc: apply pyupgrade ( #55519 )
2021-07-12 12:03:44 +02:00
Benjamin Dauvergne
40eeaa9581
clean-unused-accounts: run every hour, but limit the number of notifications sent ( #52644 )
2021-04-09 15:18:34 +02:00
Benjamin Dauvergne
13cd493740
forms: specialize form for password reset by username ( #52013 )
2021-03-31 19:19:24 +02:00
Valentin Deniaud
4751846fed
misc: remove six module usage ( #52503 )
2021-03-30 15:06:49 +02:00
Valentin Deniaud
86d946adcd
misc: apply isort ( #52457 )
2021-03-30 13:59:53 +02:00
Valentin Deniaud
4bb33d3d3c
misc: apply black ( #52457 )
2021-03-30 11:32:55 +02:00
Valentin Deniaud
961af9538e
utils: add setting to choose email sending format ( #50745 )
2021-03-15 09:57:46 +01:00
Valentin Deniaud
2f42606265
app_settings: enable login rate limiting by default ( #50771 )
2021-03-02 15:19:27 +01:00
Benjamin Dauvergne
e5f368bec9
misc: control similarity threshold for fts ( #50781 )
2021-02-04 11:44:05 +01:00
Frédéric Péters
ab6ee43978
settings: mark laposte.net as well-known domain, not laposte.fr ( #50765 )
2021-02-02 14:51:32 +01:00
Benjamin Renard
1f2ea15580
Add A2_RESET_PASSWORD_ID_LABEL parameter ( #49131 )
2020-12-18 07:45:55 +01:00
Paul Marillonnet
8c3902b2c2
misc: do not modify email when marking users as deleted ( #48264 )
2020-12-02 09:56:08 +01:00
Valentin Deniaud
e6b2e5dbf4
api: add find duplicate users endpoint ( #46424 )
2020-10-01 13:29:24 +02:00
Nicolas Roche
1e6831256b
login: add an option to hide cancel button ( #41122 )
2020-09-18 09:57:56 +02:00
Valentin Deniaud
4f831fe4d8
views: warn user before generating new token ( #41792 )
2020-08-20 09:57:17 +02:00
Frédéric Péters
5d32b8db52
misc: add setting to set secure flag on opened session cookie ( #45938 )
2020-08-18 10:19:30 +02:00
Nicolas Roche
1a3bd4bb05
profile_views: add a profil page to manage authorized oauth services ( #45200 )
2020-07-29 09:45:46 +02:00
Serghei Mihai
dc7bce7c05
misc: allow email domains suggestions ( #40166 )
2020-06-15 17:15:01 +02:00
Benjamin Dauvergne
bda672d59e
misc: add a DeletedUser model to keep metadata about deleted users ( #41933 )
2020-05-18 16:21:59 +02:00
Benjamin Dauvergne
63a9e9f8cc
misc: remove computed_targeted_id attribute source ( #42020 )
2020-05-07 16:53:06 +02:00
Valentin Deniaud
afcec6c514
views: ratelimit email form views ( #41489 )
2020-04-24 11:07:43 +02:00
Paul Marillonnet
62441e2340
accounts: send validation email before self-triggered account deletion ( #27823 )
2019-10-02 11:33:20 +02:00
Benjamin Dauvergne
9fbbf0519a
spring cleaning ( #32934 )
...
* reorganize views and forms
* add copyright headers to all .py files
* fix all style errors reported by flake8
2019-05-14 16:19:25 +02:00
Benjamin Dauvergne
fdc2959104
forms: add ou selector to login form ( #30252 )
2019-03-01 17:30:00 +01:00
Frédéric Péters
90ff2d46ab
misc: automatically resize profile image ( #27644 )
2018-10-30 10:23:11 +01:00
Paul Marillonnet
a5d652ce81
support avatar picture in user profile ( #26022 )
2018-10-30 10:23:11 +01:00
Benjamin Dauvergne
99a7b14bf0
add a remember me button ( fixes #25579 )
...
It simply use session.set_expiry() to augment the session duration.
2018-08-03 18:52:22 +02:00
Benjamin Dauvergne
d7a2af17c3
allow overriding User.can_reset_password by hooks ( fixes #25534 )
...
This commit introduce the concept of an user flag, this flag can be
defined in many places:
* globally trough a setting named A2_USER_<FLAG>
* on the user object itself if there is a property user.<flag> which is
not None
* by any hook returning a not None result and named a2_hook_user_<flag>
* for all users of an OU if the ou.<flag> is not None
2018-07-30 17:22:03 +02:00
Benjamin Dauvergne
f36b480419
add new widget and fields for passwords ( #24439 )
2018-07-20 17:07:18 +02:00
Benjamin Dauvergne
35b3136ef4
add new API to validate passwords ( fixes #24833 )
...
POST /api/validate-password/ HTTP/1.1
Conten-Type: application/json
{"password": "whatever"}
200 Ok
Content-Type: application/json
{
"result": 1,
"ok": false,
"checks": [
{"label": "at least 1 digit", "result": false}
]
}
This API is public.
2018-07-18 10:54:22 +02:00
Benjamin Dauvergne
b140cb2612
app_settings: rename ACCEPT_EMAIL_AUTHENTICATION to A2_ACCEPT_EMAIL_AUTHENTICATION ( fixes #23514 )
2018-05-01 10:39:44 +02:00
Benjamin Dauvergne
20b829b1ee
allow a post registration landing page ( fixes #22378 )
...
- add a new setting A2_REGISTRATION_REDIRECT, it can be an URL or a
tuple (URL, field_name). If a next URL was given to /accounts/register/
it's appended to the A2_REGISTRATION_REDIRECT URL as
?field_name=<next_URL> whose field_name default to "next".
2018-03-13 15:36:57 +01:00
Benjamin Dauvergne
22a885edfd
tests: disable cache decorators by default ( fixes #22227 )
...
It makes behavior of tests erratic as it incurs side effects between
tests and even inside of tests. For example, caching of the OU count for
short periods is not harmful for day to day use as creating new OUs are
rare events but during tests it makes reasoning about code behavior
really difficult.
2018-03-02 12:05:09 +01:00
Benjamin Dauvergne
666d016b91
allow redirect /accounts/ to an external page ( fixes #21770 )
...
New setting is A2_ACCOUNTS_URL.
2018-02-23 19:26:16 +01:00
Benjamin Dauvergne
b7e525cb07
profile_forms: add setting for random reset of password on reset password requests ( fixes #20127 )
2017-11-29 08:56:40 +01:00
Benjamin Dauvergne
84e2ec679e
rework use of exponential_retry_timeout by login form ( fixes #20323 )
...
- full behaviour is moved in a subclass of
django.contrib.auth.forms.AuthenticationForm in authentic2.forms
- keys is now built using REMOTE_ADDR and username
- behaviour changed as the countdown is only shown on a POST not just by
displaying the form (on a GET)
2017-11-28 16:46:27 +01:00
Benjamin Dauvergne
8d8dcd00e4
views: add setting to redirect authenticated users to homepage on access to login page ( fixes #20257 )
2017-11-27 00:07:01 +01:00
Benjamin Dauvergne
4aec4f62cb
add settings to filter user authorized to authenticate ( fixes #19597 )
...
Added:
- A2_USER_FILTER and A2_USER_EXCLUDE settings, contains kwargs for
User.filter() and User.exclude(),
- two helper methods for backends: authentic2.backend.get_user_queryset() and
authentic2.backend.is_user_authenticable(),
- all backends modified to use those.
2017-11-16 16:29:13 +01:00
Benjamin Dauvergne
7890fc62e1
registration: block registration of email patterns ( fixes #18886 )
2017-10-10 15:51:28 +02:00
Benjamin Dauvergne
4e8142acc2
registration: add prefilling form pre-registration form ( fixes #18671 )
...
It allows asking for first_name and last_name with email.
2017-09-21 16:29:16 +02:00