python-Flask-Security-Too

pool/python-Flask-Security-Too

SHA256

Fork 1

Commit Graph

Author	SHA256	Message	Date
Steve Kowalik	0d52f70841	- Update to 4.1.2: * default_reauthn_handler doesn't honor SECURITY_URL_PREFIX * Add public API and CLI command to change a user's password. * Add type hints. Please note that many of the packages that flask-security * Add first-class support for using username for signing in. * Possible open redirect vulnerability. * Improve cookie handling and default ``samesite`` to ``Strict``. * Email validation confusion - added documentation. * Add documentation on how to override specific error messages. * Don't install global-scope tests. * Add Blinker as explicit dependency, improve/fix celery usage docs, don't require pyqrcode unless authenticator configured, improve SMS configuration variables documentation. * Your UserModel must contain ``fs_uniquifier`` * Removal of python 2.7 and <3.6 support * Remove two-factor `/tf-confirm` endpoint and use generic `freshness` mechanism. * Remove ``SECURITY_BACKWARDS_COMPAT_AUTH_TOKEN_INVALID(ATE)``. In addition to not making sense - the documentation has never been correct. * Add 2FA Validity Window so an application can configure how often the second factor has to be entered. * Add HTML5 Email input types to email fields. - Refresh no-mongodb.patch - Drop patches: * no-setup-dependencies.patch * fix-dependencies.patch * 0001-Do-not-raise-a-TypeError-exception-if-phone.data-is-.patch - Add patch use-pyqrcodeng.patch: * Use pyqrcodeng rather than pyqrcode. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=14	2022-02-28 06:21:54 +00:00

Author

SHA256

Message

Date

Steve Kowalik

0d52f70841

- Update to 4.1.2:

* default_reauthn_handler doesn't honor SECURITY_URL_PREFIX
  * Add public API and CLI command to change a user's password.
  * Add type hints. Please note that many of the packages that flask-security
  * Add first-class support for using username for signing in.
  * Possible open redirect vulnerability.
  * Improve cookie handling and default ``samesite`` to ``Strict``.
  * Email validation confusion - added documentation.
  * Add documentation on how to override specific error messages.
  * Don't install global-scope tests.
  * Add Blinker as explicit dependency, improve/fix celery usage docs,
    don't require pyqrcode unless authenticator configured, improve SMS
    configuration variables documentation.
  * Your UserModel must contain ``fs_uniquifier``
  * Removal of python 2.7 and <3.6 support
  * Remove two-factor `/tf-confirm` endpoint and use generic `freshness`
    mechanism.
  * Remove ``SECURITY_BACKWARDS_COMPAT_AUTH_TOKEN_INVALID(ATE)``. In
    addition to not making sense - the documentation has never been correct.
  * Add 2FA Validity Window so an application can configure how often the
    second factor has to be entered.
  * Add HTML5 Email input types to email fields.
- Refresh no-mongodb.patch
- Drop patches:
  * no-setup-dependencies.patch
  * fix-dependencies.patch
  * 0001-Do-not-raise-a-TypeError-exception-if-phone.data-is-.patch
- Add patch use-pyqrcodeng.patch:
  * Use pyqrcodeng rather than pyqrcode.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=14

2022-02-28 06:21:54 +00:00

1 Commits