Commit b9099ef6 authored by Pierre-Elliott Bécue's avatar Pierre-Elliott Bécue

New upstream version 0.38.0+ds

parent 9399f70e
......@@ -47,6 +47,7 @@ Griffith Rees
Guillaume Vincent
Guoyu Hao
Hatem Nassrat
Hyunwoo Shim
J. Erm
J. Fernando Sánchez
Jack Shedd
......@@ -68,6 +69,7 @@ Joshua Sorenson
Julen Ruiz Aizpuru
Justin Michalicek
Justin Pogrob
Kevin Dice
Koichi Harakawa
Lee Semel
Luis Diego García
......@@ -86,10 +88,13 @@ Mauro Stettler
Morgante Pell
Nariman Gharib
Niklas A Emanuelsson
Pavel Savchenko
Patrick Paul
Paulo Eduardo Neves
Peter Bittner
Peter Rowlands
Peter Stein
Philip John James
Rabi Alam
Radek Czajka
Rense VanderHoek
......@@ -108,6 +113,7 @@ Stuart Ross
Terry Jones
Tomas Babej
Tomas Marcik
Tuk Bredsdorff
Udi Oron
Vuong Nguyen
Volodymyr Yatsyk
......
0.38.0 (2018-10-03)
*******************
Security notice
---------------
The ``{% user_display user %}`` tag did not escape properly. Depending on the
username validation rules, this could lead to XSS issues.
Note worthy changes
-------------------
- New provider: Vimeo (OAuth2).
- New translations: Basque.
0.37.1 (2018-08-27)
*******************
Backwards incompatible changes
------------------------------
- Dropped the ``x-li-src: msdk`` headers from the ``linkedin_oauth2`` handshake.
This header is only required for mobile tokens, and breaks the regular flow.
Use the ``HEADERS`` setting to add this header if you need it.
0.37.0 (2018-08-27)
*******************
Note worthy changes
-------------------
- The Battle.net login backend now recognizes ``apac`` as a valid region.
- User model using a ``UUIDField`` as it's primary key can now be logged
in upon email confirmation (if using ``ACCOUNT_LOGIN_ON_EMAIL_CONFIRMATION``).
- New providers: Agave, Cern, Disqus, Globus.
- New translation: Danish.
0.36.0 (2018-05-08)
*******************
......@@ -1060,7 +1104,7 @@ Backwards incompatible changes
social login to existing accounts. The symptom is you end up with
users who have multiple primary email addresses which conflicts
with assumptions made by the code. In addition to fixing the code
that allowed duplicates to occur, there is a managegement command
that allowed duplicates to occur, there is a management command
you can run if you think this effects you (and if it doesn't effect
you there is no harm in running it anyways if you are unsure):
......
Metadata-Version: 1.1
Name: django-allauth
Version: 0.36.0
Version: 0.38.0
Summary: Integrated set of Django applications addressing authentication, registration, account management as well as 3rd party (social) account authentication.
Home-page: http://github.com/pennersr/django-allauth
Author: Raymond Penners
......@@ -110,3 +110,4 @@ Classifier: Programming Language :: Python :: 3.6
Classifier: Framework :: Django
Classifier: Framework :: Django :: 1.11
Classifier: Framework :: Django :: 2.0
Classifier: Framework :: Django :: 2.1
......@@ -8,7 +8,7 @@ r"""
"""
VERSION = (0, 36, 0, 'final', 0)
VERSION = (0, 38, 0, 'final', 0)
__title__ = 'django-allauth'
__version_info__ = VERSION
......
......@@ -268,7 +268,13 @@ class DefaultAccountAdapter(object):
username_field).error_messages.get('unique')
if not error_message:
error_message = self.error_messages['username_taken']
raise forms.ValidationError(error_message)
raise forms.ValidationError(
error_message,
params={
'model_name': user_model.__name__,
'field_label': username_field,
}
)
return username
def clean_email(self, email):
......@@ -333,8 +339,8 @@ class DefaultAccountAdapter(object):
if hasattr(response, 'render'):
response.render()
resp['html'] = response.content.decode('utf8')
if data is not None:
resp['data'] = data
if data is not None:
resp['data'] = data
return HttpResponse(json.dumps(resp),
status=status,
content_type='application/json')
......
......@@ -6,25 +6,8 @@ from allauth.account.utils import user_display
register = template.Library()
class UserDisplayNode(template.Node):
def __init__(self, user, as_var=None):
self.user_var = template.Variable(user)
self.as_var = as_var
def render(self, context):
user = self.user_var.resolve(context)
display = user_display(user)
if self.as_var:
context[self.as_var] = display
return ""
return display
@register.tag(name="user_display")
def do_user_display(parser, token):
@register.simple_tag(name='user_display')
def user_display_tag(user):
"""
Example usage::
......@@ -38,15 +21,4 @@ def do_user_display(parser, token):
{% endblocktrans %}
"""
bits = token.split_contents()
if len(bits) == 2:
user = bits[1]
as_var = None
elif len(bits) == 4:
user = bits[1]
as_var = bits[3]
else:
raise template.TemplateSyntaxError(
"'%s' takes either two or four arguments" % bits[0])
return UserDisplayNode(user, as_var)
return user_display(user)
......@@ -11,6 +11,8 @@ from django.contrib.sites.models import Site
from django.core import mail, validators
from django.core.exceptions import ValidationError
from django.db import models
from django.http import HttpResponseRedirect
from django.template import Context, Template
from django.test.client import Client, RequestFactory
from django.test.utils import override_settings
from django.urls import reverse
......@@ -28,7 +30,7 @@ from allauth.utils import get_user_model, get_username_max_length
from . import app_settings
from .adapter import get_adapter
from .auth_backends import AuthenticationBackend
from .signals import user_logged_out
from .signals import user_logged_in, user_logged_out
from .utils import (
filter_users_by_username,
url_str_to_user_pk,
......@@ -1100,7 +1102,7 @@ class UtilsTests(TestCase):
with patch('allauth.account.utils.get_user_model') as mocked_gum:
mocked_gum.return_value = UUIDUser
self.assertEqual(url_str_to_user_pk(self.user_id),
self.user_id)
uuid.UUID(self.user_id))
def test_pk_to_url_string_identifies_UUID_as_stringlike(self):
user = UUIDUser(
......@@ -1124,3 +1126,94 @@ class UtilsTests(TestCase):
self.assertEqual(user_username(user), 'CamelCase')
# TODO: Actually test something
filter_users_by_username('camelcase', 'foobar')
def test_user_display(self):
user = get_user_model()(username='john<br/>doe')
expected_name = 'john&lt;br/&gt;doe'
templates = [
'{% load account %}{% user_display user %}',
'{% load account %}{% user_display user as x %}{{ x }}'
]
for template in templates:
t = Template(template)
content = t.render(Context({'user': user}))
self.assertEqual(content, expected_name)
class ConfirmationViewTests(TestCase):
def _create_user(self, username='john', password='doe'):
user = get_user_model().objects.create(
username=username,
is_active=True)
if password:
user.set_password(password)
else:
user.set_unusable_password()
user.save()
return user
@override_settings(ACCOUNT_EMAIL_CONFIRMATION_HMAC=True,
ACCOUNT_LOGIN_ON_EMAIL_CONFIRMATION=True)
def test_login_on_confirm(self):
user = self._create_user()
email = EmailAddress.objects.create(
user=user,
email='a@b.com',
verified=False,
primary=True)
key = EmailConfirmationHMAC(email).key
receiver_mock = Mock() # we've logged if signal was called
user_logged_in.connect(receiver_mock)
# fake post-signup account_user stash
session = self.client.session
session['account_user'] = user_pk_to_url_str(user)
session.save()
resp = self.client.post(
reverse('account_confirm_email',
args=[key]))
email = EmailAddress.objects.get(pk=email.pk)
self.assertTrue(email.verified)
receiver_mock.assert_called_once_with(
sender=get_user_model(),
request=resp.wsgi_request,
response=resp,
user=get_user_model().objects.get(username='john'),
signal=user_logged_in,
)
user_logged_in.disconnect(receiver_mock)
@override_settings(ACCOUNT_EMAIL_CONFIRMATION_HMAC=True,
ACCOUNT_LOGIN_ON_EMAIL_CONFIRMATION=True)
@patch('allauth.account.views.perform_login')
@patch('allauth.account.utils.get_user_model', return_value=UUIDUser)
def test_login_on_confirm_uuid_user(self, mocked_gum, mock_perform_login):
user = UUIDUser(
is_active=True,
email='john@example.com',
username='john')
# fake post-signup account_user stash
session = self.client.session
session['account_user'] = user_pk_to_url_str(user)
session.save()
# fake email and email confirmation to avoid swappable model hell
email = Mock(verified=False, user=user)
key = 'mockkey'
confirmation = Mock(autospec=EmailConfirmationHMAC, key=key)
confirmation.email_address = email
confirmation.from_key.return_value = confirmation
mock_perform_login.return_value = HttpResponseRedirect(redirect_to='/')
with patch('allauth.account.views.EmailConfirmationHMAC',
confirmation):
self.client.post(
reverse('account_confirm_email',
args=[key]))
assert mock_perform_login.called
......@@ -422,7 +422,7 @@ def url_str_to_user_pk(s):
else:
pk_field = User._meta.pk
if issubclass(type(pk_field), models.UUIDField):
return s
return pk_field.to_python(s)
try:
pk_field.to_python('a')
pk = s
......
......@@ -765,15 +765,18 @@ class LogoutView(TemplateResponseMixin, View):
if app_settings.LOGOUT_ON_GET:
return self.post(*args, **kwargs)
if not self.request.user.is_authenticated:
return redirect(self.get_redirect_url())
response = redirect(self.get_redirect_url())
return _ajax_response(self.request, response)
ctx = self.get_context_data()
return self.render_to_response(ctx)
response = self.render_to_response(ctx)
return _ajax_response(self.request, response)
def post(self, *args, **kwargs):
url = self.get_redirect_url()
if self.request.user.is_authenticated:
self.logout()
return redirect(url)
response = redirect(url)
return _ajax_response(self.request, response)
def logout(self):
adapter = get_adapter(self.request)
......
......@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: 0.1\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2018-05-08 00:43-0500\n"
"POT-Creation-Date: 2018-08-27 05:00-0500\n"
"PO-Revision-Date: 2016-01-19 19:32+0100\n"
"Last-Translator: David D Lowe <daviddlowe.flimm@gmail.com>\n"
"Language-Team: Arabic\n"
......@@ -31,7 +31,7 @@ msgstr ""
msgid "A user is already registered with this e-mail address."
msgstr "هنالك مستخدم مسجل سابقا مع نفس عنوان البريد الاكتروني‪.‬"
#: account/adapter.py:288
#: account/adapter.py:294
#, python-brace-format
msgid "Password must be a minimum of {0} characters."
msgstr "كلمة المرور يجب أن لا تقل عن {0} حروف."
......
......@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: 0.35\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2018-05-08 00:43-0500\n"
"POT-Creation-Date: 2018-08-27 05:00-0500\n"
"PO-Revision-Date: 2018-04-17 16:52+0200\n"
"Last-Translator: Beda Kosata <beda.kosata@gmail.com>\n"
"Language-Team: Czech <>\n"
......@@ -31,7 +31,7 @@ msgstr "Příliš mnoho pokusů o přihlášení. Zkuste to prosím později."
msgid "A user is already registered with this e-mail address."
msgstr "Uživatel s tímto e-mailem je již registrován."
#: account/adapter.py:288
#: account/adapter.py:294
#, python-brace-format
msgid "Password must be a minimum of {0} characters."
msgstr "Heslo musí obsahovat minimálně {0} znaků."
......
# SOME DESCRIPTIVE TITLE.
# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
# This file is distributed under the same license as the PACKAGE package.
# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
#
msgid ""
msgstr ""
"Project-Id-Version: \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2018-09-03 14:25+0200\n"
"PO-Revision-Date: 2018-09-03 16:04+0200\n"
"Language: da\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
"Last-Translator: b'Tuk Bredsdorff <tukodeb@gmail.com>'\n"
"Language-Team: \n"
"X-Generator: Poedit 2.1.1\n"
#: account/adapter.py:45
msgid "Username can not be used. Please use other username."
msgstr "Brugernavn kan ikke bruges. Brug venligst et andet brugernavn."
#: account/adapter.py:49
msgid "Too many failed login attempts. Try again later."
msgstr "Der er for mange mislykkede logonforsøg. Prøv igen senere."
#: account/adapter.py:51
msgid "A user is already registered with this e-mail address."
msgstr "En bruger er allerede registreret med denne e-mail-adresse."
#: account/adapter.py:294
#, python-brace-format
msgid "Password must be a minimum of {0} characters."
msgstr "Adgangskoden skal være på mindst {0} tegn."
#: account/apps.py:7
msgid "Accounts"
msgstr "Konti"
#: account/forms.py:61 account/forms.py:398
msgid "You must type the same password each time."
msgstr "Du skal skrive den samme adgangskode hver gang."
#: account/forms.py:91 account/forms.py:365 account/forms.py:476
msgid "Password"
msgstr "Adgangskode"
#: account/forms.py:92
msgid "Remember Me"
msgstr "Husk mig"
#: account/forms.py:98
msgid "This account is currently inactive."
msgstr "Denne konto er i øjeblikket inaktiv."
#: account/forms.py:101
msgid "The e-mail address and/or password you specified are not correct."
msgstr "Den angivne e-mail-adresse og/eller adgangskode er ikke korrekt."
#: account/forms.py:104
msgid "The username and/or password you specified are not correct."
msgstr "Det angivne brugernavn og/eller adgangskoden er ikke korrekt."
#: account/forms.py:113 account/forms.py:268 account/forms.py:426
#: account/forms.py:495
msgid "E-mail address"
msgstr "E-mail adresse"
#: account/forms.py:115 account/forms.py:301 account/forms.py:421
#: account/forms.py:490
msgid "E-mail"
msgstr "E-mail"
#: account/forms.py:120 account/forms.py:123 account/forms.py:260
#: account/forms.py:264
msgid "Username"
msgstr "Brugernavn"
#: account/forms.py:130
msgid "Username or e-mail"
msgstr "Brugernavn eller e-mail"
#: account/forms.py:133
msgctxt "field label"
msgid "Login"
msgstr "Bruger"
#: account/forms.py:292
msgid "E-mail (again)"
msgstr "E-mail (igen)"
#: account/forms.py:296
msgid "E-mail address confirmation"
msgstr "Bekræftelse af e-mail-adresse"
#: account/forms.py:304
msgid "E-mail (optional)"
msgstr "E-mail (valgfri)"
#: account/forms.py:345
msgid "You must type the same email each time."
msgstr "Du skal skrive den samme e-mail hver gang."
#: account/forms.py:368 account/forms.py:477
msgid "Password (again)"
msgstr "Adgangskode (igen)"
#: account/forms.py:432
msgid "This e-mail address is already associated with this account."
msgstr "Denne e-mail-adresse er allerede knyttet til denne konto."
#: account/forms.py:434
msgid "This e-mail address is already associated with another account."
msgstr "Denne e-mail-adresse er allerede knyttet til en anden konto."
#: account/forms.py:456
msgid "Current Password"
msgstr "Nuværende adgangskode"
#: account/forms.py:457 account/forms.py:546
msgid "New Password"
msgstr "Ny adgangskode"
#: account/forms.py:458 account/forms.py:547
msgid "New Password (again)"
msgstr "Ny adgangskode (igen)"
#: account/forms.py:466
msgid "Please type your current password."
msgstr "Indtast din nuværende adgangskode."
#: account/forms.py:504
msgid "The e-mail address is not assigned to any user account"
msgstr "E-mail-adressen er ikke tildelt til nogen brugerkonto"
#: account/forms.py:568
msgid "The password reset token was invalid."
msgstr "Token for nulstilling af adgangskode var ugyldig."
#: account/models.py:23
msgid "user"
msgstr "bruger"
#: account/models.py:27 account/models.py:81
msgid "e-mail address"
msgstr "e-mail adresse"
#: account/models.py:28
msgid "verified"
msgstr "bekræftet"
#: account/models.py:29
msgid "primary"
msgstr "primær"
#: account/models.py:34
msgid "email address"
msgstr "e-mail adresse"
#: account/models.py:35
msgid "email addresses"
msgstr "e-mail adresser"
#: account/models.py:83
msgid "created"
msgstr "oprettet"
#: account/models.py:85
msgid "sent"
msgstr "sendt"
#: account/models.py:86 socialaccount/models.py:55
msgid "key"
msgstr "nøgle"
#: account/models.py:91
msgid "email confirmation"
msgstr "e-mail bekræftigelse"
#: account/models.py:92
msgid "email confirmations"
msgstr "e-mail bekræftigelser"
#: socialaccount/adapter.py:26
#, python-format
msgid ""
"An account already exists with this e-mail address. Please sign in to that "
"account first, then connect your %s account."
msgstr ""
"En konto med denne e-mail adresse eksisterer allerede. Log venligst ind med "
"den konto først og tilknyt din %s konto derefter."
#: socialaccount/adapter.py:131
msgid "Your account has no password set up."
msgstr "Der er ikke oprettet noget password til din konto."
#: socialaccount/adapter.py:138
msgid "Your account has no verified e-mail address."
msgstr "Din konto har ikke noget bekræftiget e-mail adresse."
#: socialaccount/apps.py:7
msgid "Social Accounts"
msgstr "Sociale konti"
#: socialaccount/models.py:43 socialaccount/models.py:77
msgid "provider"
msgstr "udbyder"
#: socialaccount/models.py:46
msgid "name"
msgstr "navn"
#: socialaccount/models.py:48
msgid "client id"
msgstr "klient id"
#: socialaccount/models.py:50
msgid "App ID, or consumer key"
msgstr "App ID, eller konsumer nøgle"
#: socialaccount/models.py:51
msgid "secret key"
msgstr "hemmelig nøgle"
#: socialaccount/models.py:53
msgid "API secret, client secret, or consumer secret"
msgstr "API hemmelighed, klient hemmelighed eller konsumet hemmelighed"
#: socialaccount/models.py:58
msgid "Key"
msgstr "Nøgle"
#: socialaccount/models.py:66
msgid "social application"
msgstr "social applikation"
#: socialaccount/models.py:67
msgid "social applications"
msgstr "sociale applikationer"
#: socialaccount/models.py:96
msgid "uid"
msgstr "uid"
#: socialaccount/models.py:98
msgid "last login"
msgstr "sidste log ind"
#: socialaccount/models.py:100
msgid "date joined"
msgstr "dato oprettet"
#: socialaccount/models.py:102
msgid "extra data"
msgstr "ekstra data"
#: socialaccount/models.py:106
msgid "social account"
msgstr "social konto"
#: socialaccount/models.py:107
msgid "social accounts"
msgstr "sociale konti"
#: socialaccount/models.py:133
msgid "token"
msgstr "token"
#: socialaccount/models.py:135
msgid "\"oauth_token\" (OAuth1) or access token (OAuth2)"
msgstr "“oauth_token” (OAuth1) eller adgangstoken (OAuth2)"
#: socialaccount/models.py:138
msgid "token secret"
msgstr "token hemmelighed"
#: socialaccount/models.py:140
msgid "\"oauth_token_secret\" (OAuth1) or refresh token (OAuth2)"
msgstr "“oauth_token_secret” (OAuth1) eller fornyelsestoken (OAuth2)"
#: socialaccount/models.py:142
msgid "expires at"
msgstr "udløber den"
#: socialaccount/models.py:146
msgid "social application token"
msgstr "socialt applikationstoken"
#: socialaccount/models.py:147
msgid "social application tokens"
msgstr "sociale applikationstokener"
#: socialaccount/providers/douban/views.py:36
msgid "Invalid profile data"
msgstr "Ugyldig profildata"
#: socialaccount/providers/oauth/client.py:78
#, python-format
msgid "Invalid response while obtaining request token from \"%s\"."
msgstr "Ugyldig respons under forsøg på at hente request token fra “%s”."
#: socialaccount/providers/oauth/client.py:109
#, python-format
msgid "Invalid response while obtaining access token from \"%s\"."
msgstr "Ugyldig respons under forsøg på at hente adgangstoken fra “%s”."
#: socialaccount/providers/oauth/client.py:128
#, python-format
msgid "No request token saved for \"%s\"."
msgstr "Intet request token gemt for “%s”."
#: socialaccount/providers/oauth/client.py:177
#, python-format
msgid "No access token saved for \"%s\"."
msgstr "Intet adgangstoken gemt for “%s”."
#: socialaccount/providers/oauth/client.py:197
#, python-format
msgid "No access to private resources at \"%s\"."
msgstr "Ingen adgang til private ressourcer på “%s”."
#: templates/account/account_inactive.html:5
#: templates/account/account_inactive.html:8
msgid "Account Inactive"
msgstr "Inaktiv konto"
#: templates/account/account_inactive.html:10
msgid "This account is inactive."
msgstr "Denne konto er inaktiv."
#: templates/account/email.html:5
msgid "Account"
msgstr "Konto"
#: templates/account/email.html:8
msgid "E-mail Addresses"
msgstr "E-mail adresser"