ynerant
/
django-cas-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
463 Commits 1 Branch 0 Tags 859 KiB
Commit Graph

319 Commits

Author SHA1 Message Date
Yohann D'ANELLO 251cfb9b49
Construct a middleware without a get_response function is deprecated and will not work in a future release. 
Signed-off-by: Yohann D'ANELLO <ynerant@¢rans.org>
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2020-12-22 23:07:33 +01:00
Yohann D'ANELLO d62def6d6b
django.conf.urls is deprecated and will be removed in Django 4.0, use django.urls.re_path instead 
Signed-off-by: Yohann D'ANELLO <ynerant@¢rans.org>
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2020-12-22 23:07:33 +01:00
Yohann D'ANELLO 10b389e7be
With Python 3.9, the crypt function raises an OSError 
See https://bugs.python.org/issue39289

Signed-off-by: Yohann D'ANELLO <ynerant@¢rans.org>
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
 2020-12-22 23:07:33 +01:00
Valentin Samir c3e2fdecfe Update to version 1.2.0 2020-07-05 15:27:15 +02:00
Théophile Bastian b7c7c0f0ba Service URL: keep blank GET arguments 
When a service URL contains GET arguments with no associated value, eg
  http://example.com/?foo=a&bar
only the arguments with value are kept, yielding
  http://example.com/?foo=a&ticket=<TICKET>
losing `bar` in the process
 2020-07-05 14:52:01 +02:00
Yohann D'ANELLO 9cd44aa8aa Code quality 2020-07-05 14:52:01 +02:00
Yohann D'ANELLO 4129687e41 Support Django 2.2 and 3.0 2020-07-05 14:52:01 +02:00
Théophile Bastian f4b4428b94 Fix CRYPT-DES hash method for LDAP 
The LDAP-formatted passwords using
[Crypt encoding](https://en.wikipedia.org/wiki/Crypt_(C))
can be hashed in many ways, inlcuding the old and deprecated DES and
BSDi methods.

The usual formatting for Crypt method consists in
  $method$salt$pass_hash
but those two deprecated methods are not encoded this way, and
`get_salt` would fail on those, yielding Error 500.
 2020-07-05 14:52:01 +02:00
erdnaxe aa88bf7a67 Bootstrap 4 templates (#47) 2020-07-05 14:52:01 +02:00
Valentin Samir bd9aedd1b4 Update to version 1.1.0 2019-03-02 11:37:11 +01:00
Valentin Samir 378f70fac9 Fix deprecation warning for {% load staticfiles %} and django.contrib.staticfiles 2019-03-02 11:31:18 +01:00
Valentin Samir 9ee95f0bec Fix checkbox position on the login page 2019-03-02 11:23:16 +01:00
钟雪松 f4ece7f1f2 set ldap3 client_strategy from sync to sync-restartable; in order to avoid error 32 broken pipe caused by time out 2019-01-25 15:28:07 +08:00
Valentin Samir edf4871b4a
Update to version 1.0.0 2019-01-12 12:01:48 +01:00
Valentin Samir a6cf8aaa20
Fix invalid escape sequence \. in regular expression \\. 2019-01-12 12:01:12 +01:00
Valentin Samir 248658b52d Fix squashed migrations, the app name should be 'cas_server' and not b'cas_server' 2018-05-21 13:25:36 +02:00
Valentin Samir 5bd06d47c5 Keep query string then redirecting from / to /login 2018-05-21 13:10:33 +02:00
Valentin Samir dc5f59ea46 Update PyPi url from https://pypi.python.org to https://pypi.org 2018-04-30 18:31:54 +02:00
Valentin Samir ca41c067b9 Wrap some long lines 2018-04-29 20:13:51 +02:00
Valentin Samir 290701e07f Changes for Django 2.0 support 2018-04-29 20:10:19 +02:00
Valentin Samir 753e3b5625 Fix #38 calling django.contrib.staticfiles.templatetags.staticfiles.static before collectstatic raise a ValueError. 
In debug bug, it actually works and do not raise an exception, but in
non-debug mode, it tries to search the staticfiles manifest for the file.
If there is no manifest because collectstatic has not been run before, this fails.
 2018-04-29 19:04:59 +02:00
Valentin Samir ee69b04b53 Fix code style of previous commit 2018-04-29 19:04:44 +02:00
Valentin Samir ff8373ee6a Always return authenticationDate, longTermAuthenticationRequestTokenUsed and isFromNewLogin attributes 
As specified in the CAS response XML schema (see Appendix A).
Fix #37 as returned attributes are now never empty.
 2018-04-29 18:48:41 +02:00
Valentin Samir 4123450e9f Add support for Django 2.0, fix #33 2018-01-27 10:44:34 +01:00
Valentin Samir 5811d6435c Update version to 0.9.0 2017-11-17 15:32:42 +01:00
Valentin Samir 971cde093c Fix XSS js injection 2017-11-17 15:28:12 +01:00
Roberto Morati f1a47e7766 Added protuguese translation (brazilian variant) 2017-08-29 18:14:00 +02:00
Valentin Samir 253b431194 Merge pull request #26 from JostCrow/master 
Added a way to disable the service messages on the login page
 2017-04-25 16:21:05 +02:00
Valentin Samir 03a069268a Merge pull request #27 from JostCrow/bigger_usernames 
The username was really small
 2017-04-25 16:20:50 +02:00
Jorik Kraaikamp 92bba0da49 added the missing migration 2017-03-30 15:25:49 +02:00
Jorik Kraaikamp 13af3ccd1d added the bigger username migration and change 2017-03-29 17:52:12 +02:00
Jorik Kraaikamp 951dc60e99 Fixed some major mistyping and added the default setting. 2017-03-29 16:57:27 +02:00
Jorik Kraaikamp 224202c5c2 Added a setting to turn of the messages about the service 2017-03-29 15:36:12 +02:00
Valentin Samir 1dba4fea95 Support for ldap3 version 2 or more (changes in the API) 
All exception are now in ldap3.core.exceptions, methodes for fetching
attritutes and dn are renamed.
 2017-03-29 14:34:58 +02:00
Valentin Samir 443c87fa40 Do not try to bind if the user dn was not found with LDAP auth backend 
Then using the LDAP auth backend with ``bind`` method for password check, do not try to bind
if the user dn was not found. This was causing the exception
``'NoneType' object has no attribute 'getitem'`` describe in #21
 2017-03-29 14:28:36 +02:00
Jorik Kraaikamp 5410aee3d5 Added dutch translations 2017-03-29 13:08:55 +02:00
Valentin Samir 00d47790e4 Update version to 0.8.0 2017-03-08 14:11:26 +01:00
Valentin Samir 64d3901ec4 Remove spaceless in forms, fix css class errors 2016-11-20 16:51:32 +01:00
Valentin Samir b80947755a Add module tests.auth a docstring 2016-10-07 15:36:11 +02:00
Valentin Samir f1fed48b21 Add ldap bind auth method and CAS_TGT_VALIDITY parameter. Fix #18 2016-10-07 15:27:43 +02:00
Valentin Samir e77dbbcd03 Update french translation 2016-09-18 11:40:22 +02:00
Valentin Samir 6185e9c68c Fix more spelling and grammar errors 2016-09-18 11:40:03 +02:00
Allie Micka 816d350548 Fix some spelling and grammar on log messages. 2016-09-18 11:26:09 +02:00
Valentin Samir 37c975eaf7 Allow both unicode and bytes dotted string in utils.import_attr 2016-09-18 11:21:33 +02:00
Valentin Samir c7171bb386 Add a test for login with missing parameter (username or password or both) 2016-09-10 15:24:30 +02:00
Valentin Samir 0b44ecf5e5 Update version to 0.7.4 2016-09-07 20:19:18 +02:00
Valentin Samir 8a7ffd8172 Update version to 0.7.3 2016-09-07 17:25:28 +02:00
Valentin Samir 216f38db14 Only check for valid username/password if username and password POST fields are posted. 2016-09-07 17:13:42 +02:00
Valentin Samir 868a06ea3f Really pick the last version on Pypi for new version checking. 
We were only sorting version string lexicographically and it would have break when
we reach version 0.10.N or 0.N.10
 2016-09-06 12:02:43 +02:00
Valentin Samir 990f00fe3c Add autofocus to the username input on the login page 2016-09-06 12:02:36 +02:00