Fri, 13 Nov 2020 01:06:16 +0100 |
Mads Kiilerich |
controllers: move controllers base class from lib/base to controllers
|
Sun, 01 Nov 2020 06:29:32 +0100 |
Mads Kiilerich |
imports: try to use global imports unless it is a layering violation
|
Sun, 01 Nov 2020 04:59:46 +0100 |
Mads Kiilerich |
lib: move webhelpers2 and friends to webutils
|
Mon, 19 Oct 2020 12:18:28 +0200 |
Mads Kiilerich |
lib: fix bad references to utils3
|
Mon, 12 Oct 2020 11:12:37 +0200 |
Mads Kiilerich |
model: always import the whole db module - drop "from" imports
|
Mon, 12 Oct 2020 11:21:15 +0200 |
Mads Kiilerich |
model: always import whole meta module - also when referencing Session
|
Sat, 10 Oct 2020 22:13:50 +0200 |
Mads Kiilerich |
routing: separate url handling from routing - move it to webutils
|
Tue, 18 Aug 2020 16:40:19 +0200 |
Mads Kiilerich |
auth: refactor permissions
|
Mon, 23 Mar 2020 14:29:31 +0100 |
Mads Kiilerich |
login: clarify comments
|
Mon, 23 Mar 2020 14:32:06 +0100 |
Mads Kiilerich |
user: make get_by_username_or_email default to treat username case insensitive
|
Thu, 26 Mar 2020 17:48:16 +0100 |
Mads Kiilerich |
auth: show a clear "Authentication failed" message if login fails after passing form validation
|
Tue, 24 Mar 2020 11:24:05 +0100 |
Thomas De Schampheleire |
login: assert that the validated user actually is found
|
Thu, 26 Dec 2019 13:16:14 +0100 |
Mads Kiilerich |
py3: drop the last uses of safe_str - they are no longer relevant when we don't have a separate unicode type
|
Thu, 09 Jan 2020 12:28:33 +0100 |
Mads Kiilerich |
login: fix incorrect CSRF rejection of "Reset Your Password" form (Issue #350)
stable
|
Wed, 07 Aug 2019 00:25:02 +0200 |
Mads Kiilerich |
scripts: initial run of import cleanup using isort
|
Tue, 06 Aug 2019 22:42:37 +0200 |
Mads Kiilerich |
helpers: change CSRF protection POST parameter name to "_session_csrf_secret_token" and fix up tests to use new names
|
Mon, 22 Jul 2019 03:29:45 +0200 |
Mads Kiilerich |
helpers: rename internal names of authentication_token to clarify that secure_form is about session CSRF secrets - not authentication
|
Thu, 03 Jan 2019 01:22:56 +0100 |
Mads Kiilerich |
auth: move IP check to AuthUser.make - it is more about accepting authentication than about permissions after authentication
|
Thu, 03 Jan 2019 01:22:45 +0100 |
Mads Kiilerich |
auth: introduce AuthUser.make factory which can return None if user can't be authenticated
|
Sun, 07 Apr 2019 23:35:23 +0200 |
Mads Kiilerich |
auth: use other and better checks than is_authenticated
|
Sat, 29 Dec 2018 16:16:36 +0100 |
Mads Kiilerich |
auth: don't ignore login POSTs if already logged in
|
Wed, 26 Dec 2018 03:03:31 +0100 |
Mads Kiilerich |
auth: make sure request.authuser *always* has been checked for check_ip_allowed - there is thus no need to check it later
|
Wed, 26 Dec 2018 02:11:55 +0100 |
Mads Kiilerich |
auth: drop confusing and layering-violating User.AuthUser property
|
Tue, 03 Apr 2018 16:20:05 +0200 |
Patrick Vane |
recaptcha: Update to Google recaptcha API v2 (Issue #313)
|
Wed, 15 Mar 2017 21:00:40 +0100 |
Thomas De Schampheleire |
controllers: remove empty __before__ methods
|
Sat, 24 Dec 2016 01:27:47 +0100 |
Mads Kiilerich |
tg: minimize future diff by some mocking and replacing some pylons imports with tg
|
Sat, 24 Dec 2016 01:27:47 +0100 |
Mads Kiilerich |
controllers: avoid setting request state in controller instances - set it in the thread global request variable
|
Sat, 03 Dec 2016 21:56:54 +0100 |
Thomas De Schampheleire |
forms: wrap LoginForm inside function like other forms
|
Sat, 17 Sep 2016 22:09:04 +0200 |
Thomas De Schampheleire |
Turbogears2 migration: replace pylons.url by kallithea.config.routing.url
|
Thu, 28 Jul 2016 15:38:30 +0200 |
Søren Løvborg |
login: have self-signup confirmation message respect site_name
|
Mon, 02 May 2016 23:45:26 +0200 |
Mads Kiilerich |
login: don't crash on login POSTs without password
|
Sat, 30 Jan 2016 16:37:43 +0100 |
Andrew Shadura |
auth: allow web login with email addresses
|
Fri, 27 Nov 2015 01:47:14 +0100 |
Mads Kiilerich |
cleanup: consistent space before line continuation backslash
|
Tue, 08 Sep 2015 11:00:02 +0200 |
Søren Løvborg |
auth: note that we never emit authuser "cookies" for the default user
|
Tue, 06 Oct 2015 19:22:22 +0200 |
Søren Løvborg |
auth: introduce AuthUser.is_default_user attribute
|
Wed, 09 Sep 2015 12:41:20 +0200 |
Søren Løvborg |
cleanup: replace redirect with WebOb exceptions
|
Wed, 23 Sep 2015 16:09:14 +0200 |
Søren Løvborg |
login: enhance came_from validation
stable
|
Fri, 18 Sep 2015 13:57:49 +0200 |
Søren Løvborg |
login: use server-relative URLs in came_from correctly
stable
|
Fri, 18 Sep 2015 13:57:49 +0200 |
Søren Løvborg |
login: include query parameters in came_from
stable
|
Fri, 18 Sep 2015 13:57:49 +0200 |
Søren Løvborg |
login: simplify came_from validation
stable
|
Sun, 20 Sep 2015 22:22:50 +0200 |
Mads Kiilerich |
login: make it clear that an invalid came_from is an invalid request
stable
|
Sun, 20 Sep 2015 22:22:50 +0200 |
Mads Kiilerich |
login: inline _redirect_to_origin
stable
|
Sun, 17 May 2015 02:07:18 +0200 |
Andrew Shadura |
auth: secure password reset implementation
|
Sun, 09 Aug 2015 02:29:46 +0200 |
Mads Kiilerich |
cleanup: pass log strings unformatted - avoid unnecessary % formatting when not logging
|
Sun, 09 Aug 2015 02:17:14 +0200 |
Mads Kiilerich |
cleanup: consistently use 'except ... as ...:'
|
Sun, 26 Jul 2015 13:58:50 +0200 |
Søren Løvborg |
auth: miscellaneous improvements and typo fixes
|
Tue, 14 Jul 2015 14:00:17 +0200 |
Søren Løvborg |
BaseController: hide "Log out" link for external login sessions
|
Tue, 14 Jul 2015 13:59:59 +0200 |
Søren Løvborg |
BaseController: enable container authentication on all pages
|
Tue, 14 Jul 2015 13:59:59 +0200 |
Søren Løvborg |
log_in_user: extract user session setup from LoginController
|
Tue, 14 Jul 2015 13:59:59 +0200 |
Søren Løvborg |
AuthUser: simplify check_ip_allowed and drop is_ip_allowed
|
Fri, 26 Jun 2015 20:36:05 +0200 |
Søren Løvborg |
AuthUser: Drop ip_addr field
|
Mon, 15 Jun 2015 17:22:17 +0200 |
Søren Løvborg |
LoginController: Let sessionmiddleware set session cookies
|
Tue, 09 Jun 2015 22:51:01 +0200 |
Mads Kiilerich |
login: refactor came_from and _validate_came_from handling
|
Tue, 19 May 2015 21:50:35 +0200 |
Thomas De Schampheleire |
login: preserve GET arguments throughout login redirection (issue #104)
|
Wed, 13 May 2015 01:27:50 +0200 |
Mads Kiilerich |
spelling: fix title casing on various translated strings
|
Tue, 07 Apr 2015 03:30:05 +0200 |
Mads Kiilerich |
tests: provide _authentication_token when POSTing
|
Wed, 25 Mar 2015 20:38:09 +0100 |
Mads Kiilerich |
controllers: consistently use formfill.render with force_defaults=False
|
Wed, 02 Jul 2014 19:08:36 -0400 |
Bradley M. Kuhn |
Drop rhodecode_ prefix for known setting names that are stored in kallithea_settings without prefix
kallithea-2.2.5-rebrand
|
Wed, 02 Jul 2014 19:06:01 -0400 |
Bradley M. Kuhn |
General renaming to Kallithea
kallithea-2.2.5-rebrand
|
Wed, 02 Jul 2014 19:05:52 -0400 |
Bradley M. Kuhn |
RhodeCode GmbH is not the sole author of this work
kallithea-2.2.5-rebrand
|