entrouvert
/
authentic
16
0
Fork 0
Code Issues Pull Requests 32 Releases Activity
5,108 Commits 187 Branches 448 Tags 29 MiB
Commit Graph

5108 Commits

Author SHA1 Message Date
Frédéric Péters b31c6e52b9 translation update 2020-06-16 21:14:47 +02:00
Serghei Mihai dc7bce7c05 misc: allow email domains suggestions (#40166) 2020-06-15 17:15:01 +02:00
Valentin Deniaud 162a984897 views: fix password change code (#43862) 2020-06-15 12:17:48 +02:00
Benjamin Dauvergne cc3b90eab9 auth_fc: check current user is authenticated (#43970) 
Uniqueness can fail on linking of current account but also on creation
of a new account *if* FC sub is already linked to an inactive account.
 2020-06-12 15:32:09 +02:00
Thomas NOËL 8ee155eefa setup.py: limit django-filter to <2.3 (#43874) 2020-06-10 15:28:44 +02:00
Paul Marillonnet 4c9b1fc932 auth_fc: disable authenticator if improperly configured (#43653) 2020-06-08 11:58:57 +02:00
Paul Marillonnet 7d50310de5 auth_fc: provide blank default client id and secret (#43653) 2020-06-08 11:58:57 +02:00
Frédéric Péters 6bf952cc42 tox: limit django-filter to <2.3 (#43723) 
pkg_resources.ContextualVersionConflict: (Django 1.11.29 (...),
Requirement.parse('Django>=2.2'), {'django-filter'})
-- https://jenkins.entrouvert.org/job/authentic/1290/console
 2020-06-06 06:25:52 +02:00
Frédéric Péters bc5b70e571 translation update 2020-06-05 08:14:20 +02:00
Paul Marillonnet a8f244087f saml: soap_call takes two arguments (#43537) 2020-06-03 09:31:14 +02:00
Paul Marillonnet 48e198c642 saml: support encoding variations in metadata validator (#43534) 2020-06-03 09:30:16 +02:00
Valentin Deniaud 0d8ea42ad2 manager: forbid changing role members when synced from ldap (#37187) 2020-06-02 12:04:02 +02:00
Valentin Deniaud ffb04c1ab3 tests: check for actual widget choices (#41939) 2020-06-02 11:58:25 +02:00
Valentin Deniaud 80bb97d328 tests: add select2 test helper (#41939) 2020-06-02 11:58:25 +02:00
Frédéric Péters 707825d2cf misc: send unused account alerts using translations (#43466) 2020-06-02 11:10:46 +02:00
Benjamin Dauvergne f505534e79 authenticators: delete test cookie when authentication is successful (#43473) 2020-06-01 15:25:46 +02:00
Thomas NOËL 5ce3efbeee franceconnect: add reverse-tabnabbing protection (#43217) 2020-05-22 14:44:33 +02:00
Benjamin Dauvergne c9b0992d59 translation update 2020-05-22 14:39:47 +02:00
Benjamin Dauvergne a38a843aef misc: hide disabled attributes and values (#42963) 2020-05-22 14:22:11 +02:00
Benjamin Dauvergne 8dee691224 tests: work around bytes/str usage in webtest (#43074) 
webtest only support byte string as GET parameters with python2.
 2020-05-20 16:50:27 +02:00
Benjamin Dauvergne f3f837439b misc: simplify ValidatedEmailField (#43074) 2020-05-20 16:50:27 +02:00
Benjamin Dauvergne bee7491f48 manager: set created user's OU in clean() (#43074) 
Any modification to the model should be done trough clean() method, as
it enables later checks like uniqueness validation. No instance
initialization should ever be done in save() methods unless it's
garanteed that it cannot mess with validation.
 2020-05-20 16:50:27 +02:00
Benjamin Dauvergne d37e8f0d5d misc: let User model validate identifiers and uniqueness (#43074) 2020-05-20 16:50:27 +02:00
Benjamin Dauvergne 018e276c07 misc: validate emails in Model.clean (#43074) 2020-05-20 16:50:27 +02:00
Benjamin Dauvergne ab69544f6c tests: add tests on user creation trough manager (#43074) 2020-05-20 16:50:27 +02:00
Benjamin Dauvergne 15aae1e96a misc: use SystemRandom to generate passwords (#43154) 2020-05-20 16:46:51 +02:00
Benjamin Dauvergne 484ed13a1e idp_saml2: make list of an iterator (#43038) 2020-05-19 12:07:43 +02:00
Frédéric Péters 6a5fe2af0b manager: display csv import flag icons on their own line (#43067) 2020-05-19 11:00:06 +02:00
Benjamin Dauvergne af57083fc8 tox.ini: add modifier to disable --sw 2020-05-18 18:33:00 +02:00
Benjamin Dauvergne 6c8091dbc1 admin: activate SessionAdmin with mellon backend (#42852) 2020-05-18 17:12:07 +02:00
Benjamin Dauvergne dc2b4305ac admin: add DeletedUserAdmin (#41933) 2020-05-18 16:21:59 +02:00
Benjamin Dauvergne 2b8d5e12ef misc: move cleanupauthentic command (#41933) 2020-05-18 16:21:59 +02:00
Benjamin Dauvergne bda672d59e misc: add a DeletedUser model to keep metadata about deleted users (#41933) 2020-05-18 16:21:59 +02:00
Benjamin Dauvergne 5c6fd54baa misc: remove server_error() view (#42821) 2020-05-18 16:07:13 +02:00
Benjamin Dauvergne 640286e7cb misc: remove LoggingCollectorMiddleware (#42821) 2020-05-18 16:07:13 +02:00
Valentin Deniaud 54d11f9b9f debian: add clean-unused-account to crontab (#42995) 2020-05-18 12:15:00 +02:00
Benjamin Dauvergne cd5877690a auth_fc: check request and session exist in hooks (#42982) 2020-05-16 11:37:55 +02:00
Benjamin Dauvergne 05ba0a10ff misc: add settings to propagate exceptions in hooks (#42982) 2020-05-16 11:37:44 +02:00
Benjamin Dauvergne eb83cad1f5 auth_fc: do not resolve next url (#42822) 2020-05-15 15:35:48 +02:00
Benjamin Dauvergne dce9dcbb4b dj22: decode response.content (#42950) 
It seems that starting with Django 2.0 bytes are not automatically
decoded when used in templates, as py3 with Django 1.11 does not show
byte strings in login templates.
 2020-05-15 11:32:39 +02:00
Paul Marillonnet ef144f9657 validators: close smtp socket after email rcpt check (#41791) 2020-05-15 10:55:40 +02:00
Frédéric Péters 4722ed8d70 misc: use translatable labels for SAML homepage actions (#42643) 2020-05-15 10:54:54 +02:00
Benjamin Dauvergne 148642cced misc: show deleted attribute in UserAdmin (#41930) 2020-05-15 10:49:47 +02:00
Benjamin Dauvergne 0f241a712c misc: re-use logout view in deletion view (#41930) 
As user is not accessible anymore through ModelBackend.get_user(), we
must call logout() directly, and not through a redirection.
 2020-05-15 10:49:47 +02:00
Benjamin Dauvergne 5b07d440bc backends: prevent authentication by deleted user (#41930) 2020-05-15 10:49:47 +02:00
Benjamin Dauvergne 9f0aa6ad3c misc: replace DeletedUser model by attribute deleted on User (#41930) 2020-05-15 10:49:47 +02:00
Serghei Mihai dd154d9170 widgets: use "date" input for dates (#41605) 2020-05-15 10:20:46 +02:00
Benjamin Dauvergne a5d84366e2 tests: add __init__ files (#41930) 
It prevents collisions between test files with the same basename.
 2020-05-13 20:01:43 +02:00
Benjamin Dauvergne 9aea57f36e debian: set logrotate user to authentic2 (#42673) 2020-05-12 23:56:12 +02:00
Benjamin Dauvergne a35be9f28d admin: force is_locked() to False in UserChangeForm (#42694) 
Locked fields are implemented by renaming the form's fields with a
`@disabled' suffix. But it interacts badly with the Django admin
framework which expects all fields to always exist. The simplest fix for
that is to disable field locking in the admin views on User.
 2020-05-12 23:55:53 +02:00