- Update to 3.4.0:

* (:pr:`257`) Support a unified sign in feature. Please see :ref:`unified-sign-in`.
  * (:pr:`265`) Add phone number validation class. This is used in both unified sign in as well as two-factor when using sms.
  * (:pr:`274`) Add support for 'freshness' of caller's authentication. This permits endpoints to be additionally protected by ensuring a recent authentication.
  * (:issue:`99`, :issue:`195`) Support pluggable password validators. Provide a default validator that offers complexity and breached support.
  * (:issue:`266`) Provide interface to two-factor send_token so that applications can provide error mitigation. Defaults to returning errors if can't send the verification code.
  * (:pr:`247`) Updated all-inclusive data models (fsqlaV2). Add fields necessary for the new unified sign in feature and changed 'username' to be unique (but not required).
  * (:pr:`245`) Use fs_uniquifier as the default Flask-Login 'alternative token'. Basically this means that changing the fs_uniquifier will cause outstanding auth tokens, session and remember me cookies to be invalidated. So if an account gets compromised, an admin can easily stop access. Prior to this cookies were storing the 'id' which is the user's primary key - difficult to change! (kishi85)
- Enable the testing
- Add patch to not require mongodb during testing:
  * no-mongodb.patch

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=3

Flask-Security-Too-3.3.3.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:19c8a28d3d081e0d2431e67caf3bee60a93480f37d345639bc99f656f1d810d7
-size 294805

Flask-Security-Too-3.4.0.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:5ee18ae940468f5981046aea57daefc5d3b2b91937a824e10d2cf95ce1987383
+size 334036

no-mongodb.patch

@@ -0,0 +1,13 @@
+Index: Flask-Security-Too-3.4.0/tests/conftest.py
+===================================================================
+--- Flask-Security-Too-3.4.0.orig/tests/conftest.py
++++ Flask-Security-Too-3.4.0/tests/conftest.py
+@@ -617,7 +617,7 @@ def get_message(app):
+ 
+ 
+ @pytest.fixture(
+-    params=["sqlalchemy", "sqlalchemy-session", "mongoengine", "peewee", "pony"]
++    params=["sqlalchemy", "sqlalchemy-session", "peewee", "pony"]
+ )
+ def datastore(request, app, tmpdir, realdburl):
+     if request.param == "sqlalchemy":

python-Flask-Security-Too.changes

@@ -1,3 +1,18 @@
+-------------------------------------------------------------------
+Sun Apr  5 07:58:15 UTC 2020 - Tomáš Chvátal <tchvatal@suse.com>
+
+- Update to 3.4.0:
+  * (:pr:`257`) Support a unified sign in feature. Please see :ref:`unified-sign-in`.
+  * (:pr:`265`) Add phone number validation class. This is used in both unified sign in as well as two-factor when using sms.
+  * (:pr:`274`) Add support for 'freshness' of caller's authentication. This permits endpoints to be additionally protected by ensuring a recent authentication.
+  * (:issue:`99`, :issue:`195`) Support pluggable password validators. Provide a default validator that offers complexity and breached support.
+  * (:issue:`266`) Provide interface to two-factor send_token so that applications can provide error mitigation. Defaults to returning errors if can't send the verification code.
+  * (:pr:`247`) Updated all-inclusive data models (fsqlaV2). Add fields necessary for the new unified sign in feature and changed 'username' to be unique (but not required).
+  * (:pr:`245`) Use fs_uniquifier as the default Flask-Login 'alternative token'. Basically this means that changing the fs_uniquifier will cause outstanding auth tokens, session and remember me cookies to be invalidated. So if an account gets compromised, an admin can easily stop access. Prior to this cookies were storing the 'id' which is the user's primary key - difficult to change! (kishi85)
+- Enable the testing
+- Add patch to not require mongodb during testing:
+  * no-mongodb.patch
+
 -------------------------------------------------------------------
 Tue Mar 24 15:35:47 UTC 2020 - Antonio Larrosa <alarrosa@suse.com>
 

python-Flask-Security-Too.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package python-Flask-Security-Too
 #
-# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -12,43 +12,60 @@
 # license that conforms to the Open Source Definition (Version 1.9)
 # published by the Open Source Initiative.
 
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
 
 
 %define skip_python2 1
 %{?!python_module:%define python_module() python-%{**} python3-%{**}}
 Name:           python-Flask-Security-Too
-Version:        3.3.3
+Version:        3.4.0
 Release:        0
-License:        MIT
 Summary:        Security for Flask apps
-Url:            https://github.com/jwag956/flask-security
+License:        MIT
+URL:            https://github.com/jwag956/flask-security
 Source:         https://files.pythonhosted.org/packages/source/F/Flask-Security-Too/Flask-Security-Too-%{version}.tar.gz
-BuildRequires:  python-rpm-macros
-BuildRequires:  %{python_module setuptools}
+Patch0:         no-mongodb.patch
 BuildRequires:  %{python_module Babel >= 1.3}
+BuildRequires:  %{python_module Flask >= 1.0.2}
+BuildRequires:  %{python_module Flask-BabelEx >= 0.9.3}
+BuildRequires:  %{python_module Flask-Login >= 0.4.1}
+BuildRequires:  %{python_module Flask-Mail >= 0.9.1}
+BuildRequires:  %{python_module Flask-Principal >= 0.4.0}
+BuildRequires:  %{python_module Flask-SQLAlchemy >= 2.3}
+BuildRequires:  %{python_module Flask-WTF >= 0.14.0}
+BuildRequires:  %{python_module PyQRCode >= 1.2}
+BuildRequires:  %{python_module SQLAlchemy >= 1.2.6}
+BuildRequires:  %{python_module Werkzeug >= 0.15.5}
+BuildRequires:  %{python_module argon2_cffi >= 19.1.0}
+BuildRequires:  %{python_module bcrypt >= 3.1.5}
+BuildRequires:  %{python_module cachetools >= 3.1.0}
+BuildRequires:  %{python_module itsdangerous >= 1.1.0}
+BuildRequires:  %{python_module mock}
+BuildRequires:  %{python_module passlib >= 1.7.1}
+BuildRequires:  %{python_module peewee >= 3.11.2}
+BuildRequires:  %{python_module phonenumbers >= 8.11.1}
+BuildRequires:  %{python_module pony >= 0.7.11}
 BuildRequires:  %{python_module pytest-runner >= 2.6.2}
+BuildRequires:  %{python_module setuptools}
 BuildRequires:  %{python_module twine}
 BuildRequires:  %{python_module wheel}
+BuildRequires:  %{python_module zxcvbn >= 4.4.28}
 BuildRequires:  fdupes
+BuildRequires:  python-rpm-macros
 Requires:       python-Flask >= 1.0.2
 Requires:       python-Flask-BabelEx >= 0.9.3
 Requires:       python-Flask-Login >= 0.4.1
 Requires:       python-Flask-Mail >= 0.9.1
 Requires:       python-Flask-Principal >= 0.4.0
 Requires:       python-Flask-WTF >= 0.14.2
+Requires:       python-Werkzeug >= 0.15.5
 Requires:       python-itsdangerous >= 1.1.0
 Requires:       python-passlib >= 1.7.1
-Requires:       python-Werkzeug >= 0.15.5
-Requires:       python-speaklater
-Suggests:       python-Flask-SQLAlchemy >= 2.3
-Suggests:       python-bcrypt >= 3.1.5
-Suggests:       python-SQLAlchemy >= 1.2.6
 Conflicts:      python-Flask-Security < 3.2.0
 Obsoletes:      python-Flask-Security < 3.2.0
 Provides:       python-Flask-Security = %{version}
 BuildArch:      noarch
-
 %python_subpackages
 
 %description
@@ -58,6 +75,8 @@ based on the 3.0.0 version of the original.
 
 %prep
 %setup -q -n Flask-Security-Too-%{version}
+%patch0 -p1
+rm pytest.ini
 
 %build
 %python_build
@@ -67,7 +86,7 @@ based on the 3.0.0 version of the original.
 %python_expand %fdupes %{buildroot}%{$python_sitelib}
 
 %check
-# Tests were disabled, just like in python-Flask-Security
+%pytest
 
 %files %{python_files}
 %doc AUTHORS CHANGES.rst README.rst