./www/py-flask-security, Simple security for Flask apps

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 3.0.0nb1, Package name: py27-flask-security-3.0.0nb1, Maintainer: kleink

Flask-Security allows you to quickly add common security mechanisms
to your Flask application.


Required to run:
[devel/py-setuptools] [lang/python27] [www/py-flask] [www/py-flask-wtf] [www/py-flask-login] [www/py-flask-babelex] [security/py-itsdangerous] [www/py-flask-principal] [www/py-flask-mail] [security/py-passlib]

Required to build:
[devel/py-babel] [pkgtools/cwrappers] [devel/py-test-runner]

Master sites:

SHA1: 6a2b9bc23c24d728b8d2d5b8aabb0c9feb45615c
RMD160: 2bc3bed86bf177df6c26a4233b86d60e33d0f265
Filesize: 156.608 KB

Version history: (Expand)


CVS history: (Expand)


   2018-12-27 17:04:54 by Joerg Sonnenberger | Files touched by this commit (1)
Log message:
Needs py-test-runner.
   2018-11-23 23:33:44 by Mark Davies | Files touched by this commit (1)
Log message:
py-flask-security: add dependency py-flask-babelex
   2018-11-22 04:16:18 by Mark Davies | Files touched by this commit (3) | Package updated
Log message:
py-flask-security: update to 3.0.0

- Fixed a bug when user clicking confirmation link after confirmation
  and expiration causes confirmation email to resend.
- Added support for I18N.
- Added options `SECURITY_EMAIL_PLAINTEXT` and `SECURITY_EMAIL_HTML`
  for sending respecively plaintext and HTML version of email.
- Fixed validation when missing login information.
- Fixed condition for token extraction from JSON body.
- Better support for universal bdist wheel.
- Added port of CLI using Click configurable using options
  `SECURITY_CLI_USERS_NAME` and `SECURITY_CLI_ROLES_NAME`.
- Added new configuration option `SECURITY_DATETIME_FACTORY` which can
  be used to force default timezone for newly created datetimes.
- Better IP tracking if using Flask 0.12.
- Renamed deprecated Flask-WFT base form class.
- Added tests for custom forms configured using app config.
- Added validation and tests for next argument in logout endpoint.
- Bumped minimal required versions of several packages.
- Extended test matric on Travis CI for minimal and released package
  versions.
- Added of .editorconfig and forced tests for code style.
- Fixed a security bug when validating a confirmation token, also checks
  if the email that the token was created with matches the user's current
  email.
- Replaced token loader with request loader.
- Changed trackable behavior of `login_user` when IP can not be detected
  from a request from 'untrackable' to `None` value.
- Use ProxyFix instead of inspecting X-Forwarded-For header.
- Fix identical problem with app as with datastore.
- Removed always-failing assertion.
- Fixed failure of init_app to set self.datastore.
- Changed to new style flask imports.
- Added proper error code when returning JSON response.
- Changed obsolete Required validator from WTForms to DataRequired. Bumped
  Flask-WTF to 0.13.
- Fixed missing `SECURITY_SUBDOMAIN` in config docs.
- Added cascade delete in PeeweeDatastore.
- Added notes to docs about `SECURITY_USER_IDENTITY_ATTRIBUTES`.
- Inspect value of `SECURITY_UNAUTHORIZED_VIEW`.
- Send password reset instructions if an attempt has expired.
- Added "Forgot password?" link to LoginForm description.
- Upgraded passlib, and removed bcrypt version restriction.
- Removed a duplicate line ('retype_password': 'Retype Password') in
  forms.py.
- Various documentation improvement.
   2016-06-08 19:43:49 by Thomas Klausner | Files touched by this commit (356)
Log message:
Switch to MASTER_SITES_PYPI.
   2016-01-08 18:52:33 by Klaus Klein | Files touched by this commit (2) | Package updated
Log message:
Update py-flask-security to 1.7.5.

Version 1.7.5
-------------

Released December 2nd 2015

- Added `SECURITY_TOKEN_MAX_AGE` configuration setting
- Fixed calls to `SQLAlchemyUserDatastore.get_user(None)` (this now returns
  `False` instead of raising a `TypeError`
- Fixed URL generation adding extra slashes in some cases (see GitHub #343)
- Fixed handling of trackable IP addresses when the `X-Forwarded-For`
  header contains multiple values
- Include WWW-Authenticate headers in `@auth_required` authentication
  checks
- Fixed error when `check_token` function is used with a json list
- Added support for custom `AnonymousUser` classes
- Restricted `forgot_password` endpoint to anonymous users
- Allowed unauthorized callback to be overridden
- Fixed issue where passwords cannot be reset if currently set to `None`
- Ensured that password reset tokens are invalidated after use
- Updated `is_authenticated` and `is_active` functions to support
  Flask-Login changes
- Various documentation improvements
   2015-11-04 03:47:43 by Alistair G. Crooks | Files touched by this commit (758)
Log message:
Add SHA512 digests for distfiles for www category

Problems found locating distfiles:
	Package haskell-cgi: missing distfile haskell-cgi-20001206.tar.gz
	Package nginx: missing distfile array-var-nginx-module-0.04.tar.gz
	Package nginx: missing distfile encrypted-session-nginx-module-0.04.tar.gz
	Package nginx: missing distfile headers-more-nginx-module-0.261.tar.gz
	Package nginx: missing distfile nginx_http_push_module-0.692.tar.gz
	Package nginx: missing distfile set-misc-nginx-module-0.29.tar.gz
	Package nginx-devel: missing distfile echo-nginx-module-0.58.tar.gz
	Package nginx-devel: missing distfile form-input-nginx-module-0.11.tar.gz
	Package nginx-devel: missing distfile lua-nginx-module-0.9.16.tar.gz
	Package nginx-devel: missing distfile nginx_http_push_module-0.692.tar.gz
	Package nginx-devel: missing distfile set-misc-nginx-module-0.29.tar.gz
	Package php-owncloud: missing distfile owncloud-8.2.0.tar.bz2

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
   2014-12-31 14:57:34 by Thomas Klausner | Files touched by this commit (125)
Log message:
Improve EGG_NAME default to work for packages with '-' in their name.
Remove now unnecessary overrides in various packages.
   2014-10-23 16:34:42 by Klaus Klein | Files touched by this commit (2) | Package updated
Log message:
Update py-flask-security to 1.7.4.

Version 1.7.4
-------------

Released October 13th 2014

- Fixed a bug related to changing existing passwords from plaintext to
  hashed
- Fixed a bug in form validation that did not enforce case insensivitiy
- Fixed a bug with validating redirects