2016-01-08 18:52:33 by Klaus Klein | Files touched by this commit (2) |
Log message:
Update py-flask-security to 1.7.5.
Version 1.7.5
-------------
Released December 2nd 2015
- Added `SECURITY_TOKEN_MAX_AGE` configuration setting
- Fixed calls to `SQLAlchemyUserDatastore.get_user(None)` (this now returns
`False` instead of raising a `TypeError`
- Fixed URL generation adding extra slashes in some cases (see GitHub #343)
- Fixed handling of trackable IP addresses when the `X-Forwarded-For`
header contains multiple values
- Include WWW-Authenticate headers in `@auth_required` authentication
checks
- Fixed error when `check_token` function is used with a json list
- Added support for custom `AnonymousUser` classes
- Restricted `forgot_password` endpoint to anonymous users
- Allowed unauthorized callback to be overridden
- Fixed issue where passwords cannot be reset if currently set to `None`
- Ensured that password reset tokens are invalidated after use
- Updated `is_authenticated` and `is_active` functions to support
Flask-Login changes
- Various documentation improvements
|
2015-11-04 03:47:43 by Alistair G. Crooks | Files touched by this commit (758) |
Log message:
Add SHA512 digests for distfiles for www category
Problems found locating distfiles:
Package haskell-cgi: missing distfile haskell-cgi-20001206.tar.gz
Package nginx: missing distfile array-var-nginx-module-0.04.tar.gz
Package nginx: missing distfile encrypted-session-nginx-module-0.04.tar.gz
Package nginx: missing distfile headers-more-nginx-module-0.261.tar.gz
Package nginx: missing distfile nginx_http_push_module-0.692.tar.gz
Package nginx: missing distfile set-misc-nginx-module-0.29.tar.gz
Package nginx-devel: missing distfile echo-nginx-module-0.58.tar.gz
Package nginx-devel: missing distfile form-input-nginx-module-0.11.tar.gz
Package nginx-devel: missing distfile lua-nginx-module-0.9.16.tar.gz
Package nginx-devel: missing distfile nginx_http_push_module-0.692.tar.gz
Package nginx-devel: missing distfile set-misc-nginx-module-0.29.tar.gz
Package php-owncloud: missing distfile owncloud-8.2.0.tar.bz2
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
|
2014-12-31 14:57:34 by Thomas Klausner | Files touched by this commit (125) |
Log message:
Improve EGG_NAME default to work for packages with '-' in their name.
Remove now unnecessary overrides in various packages.
|
2014-10-23 16:34:42 by Klaus Klein | Files touched by this commit (2) |
Log message:
Update py-flask-security to 1.7.4.
Version 1.7.4
-------------
Released October 13th 2014
- Fixed a bug related to changing existing passwords from plaintext to
hashed
- Fixed a bug in form validation that did not enforce case insensivitiy
- Fixed a bug with validating redirects
|
2014-06-13 17:43:08 by Klaus Klein | Files touched by this commit (2) |
Log message:
Update py-flask-security to 1.7.3.
Version 1.7.3
-------------
Released June 10th 2014
- Fixed a bug where redirection to `SECURITY_POST_LOGIN_VIEW` was not
respected
- Fixed string encoding in various places to be friendly to unicode
- Now using `werkzeug.security.safe_str_cmp` to check tokens
- Removed user information from JSON output on `/reset` responses
- Added Python 3.4 support
|
2014-05-15 16:41:15 by Klaus Klein | Files touched by this commit (3) |
Log message:
Update py-flask-security to 1.7.2.
Version 1.7.2
-------------
- Fixed a bug regarding the `password_changed` signal.
|
2014-01-25 11:30:32 by Thomas Klausner | Files touched by this commit (533) | |
Log message:
Mark packages as not ready for python-3.x where applicable;
either because they themselves are not ready or because a
dependency isn't. This is annotated by
PYTHON_VERSIONS_INCOMPATIBLE= 33 # not yet ported as of x.y.z
or
PYTHON_VERSIONS_INCOMPATIBLE= 33 # py-foo, py-bar
respectively, please use the same style for other packages,
and check during updates.
Use versioned_dependencies.mk where applicable.
Use REPLACE_PYTHON instead of handcoded alternatives, where applicable.
Reorder Makefile sections into standard order, where applicable.
Remove PYTHON_VERSIONS_INCLUDE_3X lines since that will be default
with the next commit.
Whitespace cleanups and other nits corrected, where necessary.
|
2014-01-24 10:49:34 by Klaus Klein | Files touched by this commit (2) |
Log message:
Add patch-flask_security_script.py to fix the py33 build;
also submitted upstream as #214.
|
2014-01-15 10:20:15 by Klaus Klein | Files touched by this commit (2) | |
Log message:
Update py-flask-security to 1.7.1.
Version 1.7.1
-------------
Released January 14th 2014
- Fixed a bug where passwords would fail to verify when specifying a password \
hash algorithm
Version 1.7.0
-------------
Released January 10th 2014
- Python 3.3 support!
- Dependency updates
- Fixed a bug when `SECURITY_LOGIN_WITHOUT_CONFIRMATION = True` did not allow \
users to log in
- Added `SECURITY_SEND_PASSWORD_RESET_NOTICE_EMAIL` configuraiton option to \
optionally send password reset notice emails
- Add documentation for `@security.send_mail_task`
- Move to `request.get_json` as `request.json` is now deprecated in Flask
- Fixed a bug when using AJAX to change a user's password
- Added documentation for select functions in the `flask_security.utils` module
- Fixed a bug in `flask_security.forms.NextFormMixin`
- Added `CHANGE_PASSWORD_TEMPLATE` configuration option to optionally specify a \
different change password template
- Added the ability to specify addtional fields on the user model to be used for \
identifying the user via the `USER_IDENTITY_ATTRIBUTES` configuration option
- An error is now shown if a user tries to change their password and the \
password is the same as before. The message can be customed with the \
`SECURITY_MSG_PASSWORD_IS_SAME` configuration option
- Fixed a bug in `MongoEngineUserDatastore` where user model would not be \
updated when using the `add_role_to_user` method
- Added `SECURITY_SEND_PASSWORD_CHANGE_EMAIL` configuration option to optionally \
disable password change email from being sent
- Fixed a bug in the `find_or_create_role` method of the PeeWee datastore
- Removed pypy tests
- Fixed some tests
- Include CHANGES and LICENSE in MANIFEST.in
- A bit of documentation cleanup
- A bit of code cleanup including removal of unnecessary utcnow call and \
simplification of get_max_age method
|
2013-08-23 18:52:27 by Klaus Klein | Files touched by this commit (2) |
Log message:
Update py-flask-security to 1.6.9.
Version 1.6.9
-------------
Released August 20th 2013
- Fix bug in SQLAlchemy datastore's `get_user` function
- Fix bug in PeeWee datastore's `remove_role_from_user` function
- Fixed import error caused by new Flask-WTF release
|