- simplify and reorganize login templates,
- URL are not built inside templates anymore,
- we have now 3 different templates:
- login.html for the login page
- registration.html for the registration page
- linking.html for the account page
- using feature from #25623, authentication_method is kept by the
registration view.
- the service slug is correctly threaded between every views.
- explanations about FranceConnect are now done in a common template
"explanation.html".
- restore popup mode, use it through setting A2_FC_POPUP=True, it works
for:
- login and login with registration (workflow for login with
registration is a bit complicated),
- registration,
- and linking (linking your existing to FC through the "My account"
page)
unlinking is not handled with a popup.
It returns True if an user is linked to an FC account, it allows any
FC user to login to its account as long as it still has control of the
FC email even if he has lost its FC credentials.
- verify new users have a password set
- verify old users keep their password on linking and are not
asked for a new password if they used their password for logging in.
The following field is added to user's attributes if FC plugin is
enabled and the "full" parameter is given to the user's API:
"franceconnect": {
"linked": true,
"link_url": "https://idp/accounts/fc/callback/",
"unlink_url": "https://idp/accounts/fc/unlink/"
}
Signature is validated, exp, aud and iis fields are checked.
Also add tests using tox and py.test. Proper validation of signature is verified
using jwcrypto.