- Update to 3.4.0:
* (:pr:`257`) Support a unified sign in feature. Please see :ref:`unified-sign-in`.
* (:pr:`265`) Add phone number validation class. This is used in both unified sign in as well as two-factor when using sms.
* (:pr:`274`) Add support for 'freshness' of caller's authentication. This permits endpoints to be additionally protected by ensuring a recent authentication.
* (:issue:`99`, :issue:`195`) Support pluggable password validators. Provide a default validator that offers complexity and breached support.
* (:issue:`266`) Provide interface to two-factor send_token so that applications can provide error mitigation. Defaults to returning errors if can't send the verification code.
* (:pr:`247`) Updated all-inclusive data models (fsqlaV2). Add fields necessary for the new unified sign in feature and changed 'username' to be unique (but not required).
* (:pr:`245`) Use fs_uniquifier as the default Flask-Login 'alternative token'. Basically this means that changing the fs_uniquifier will cause outstanding auth tokens, session and remember me cookies to be invalidated. So if an account gets compromised, an admin can easily stop access. Prior to this cookies were storing the 'id' which is the user's primary key - difficult to change! (kishi85)
- Enable the testing
- Add patch to not require mongodb during testing:
* no-mongodb.patch
OBS-URL: https://build.opensuse.org/request/show/791500
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Flask-Security-Too?expand=0&rev=2
* (:pr:`257`) Support a unified sign in feature. Please see :ref:`unified-sign-in`.
* (:pr:`265`) Add phone number validation class. This is used in both unified sign in as well as two-factor when using sms.
* (:pr:`274`) Add support for 'freshness' of caller's authentication. This permits endpoints to be additionally protected by ensuring a recent authentication.
* (:issue:`99`, :issue:`195`) Support pluggable password validators. Provide a default validator that offers complexity and breached support.
* (:issue:`266`) Provide interface to two-factor send_token so that applications can provide error mitigation. Defaults to returning errors if can't send the verification code.
* (:pr:`247`) Updated all-inclusive data models (fsqlaV2). Add fields necessary for the new unified sign in feature and changed 'username' to be unique (but not required).
* (:pr:`245`) Use fs_uniquifier as the default Flask-Login 'alternative token'. Basically this means that changing the fs_uniquifier will cause outstanding auth tokens, session and remember me cookies to be invalidated. So if an account gets compromised, an admin can easily stop access. Prior to this cookies were storing the 'id' which is the user's primary key - difficult to change! (kishi85)
- Enable the testing
- Add patch to not require mongodb during testing:
* no-mongodb.patch
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=3
