pyramid/docs/quick_tutorial/authentication/tutorial, branch main Pyramid web framework (fork of https://github.com/Pylons/pyramid). docs: remove 'came_from' from login view 2024-06-10T01:09:19+00:00 Tres Seaver tseaver@palladion.com 2024-06-09T20:28:34+00:00 c9235146e0102d03bb4548711cd0b3b0637d81fa - The narrative doesn't discuss this (mis-)feature. - Without any authorization, there is no meaninful reason to remember the 'previous' page. - As a general rule, we want to avoid trusting user-supplied data (i.e., from the query string or form params) when constructing redirect URLs. 
- The narrative doesn't discuss this (mis-)feature.

- Without any authorization, there is no meaninful reason to remember
  the 'previous' page.

- As a general rule, we want to avoid trusting user-supplied data (i.e.,
  from the query string or form params) when constructing redirect URLs.
Rename `ISecurityPolicy.authenticated_identity` to `identity` 2020-10-14T06:08:00+00:00 Theron Luhn theron@luhn.com 2020-10-14T06:08:00+00:00 ab80ac7996bf792ddf3fbcce639e4b6714b401e6 






change hashalg on AuthTktCookieHelper to sha512.
2019-12-31T22:40:17+00:00

Michael Merickel
michael@merickel.org

2019-12-31T22:38:44+00:00

4255eecf1544731a7200ab0a24671195416601e2












rename identify(request) to authenticated_identity(request)
2019-12-30T19:29:25+00:00

Michael Merickel
michael@merickel.org

2019-12-30T19:29:25+00:00

25439c2dbd4ff971e2a32ac96fc893de0bdcefd3












update authentication and authorization chapters of the quick_tutorial to use the new ISecurityPolicy
2019-12-30T05:33:51+00:00

Michael Merickel
michael@merickel.org

2019-12-30T05:29:48+00:00

bd8f73be18f8f54daff34debd976a4b81be886aa












views.py: prevent exception on unknown user login
2017-11-03T16:30:44+00:00

silum
deneys.maartens@gmail.com

2017-11-03T16:30:44+00:00

b83d693d23b3f1d96cfbe8ea7bd8b9cd404b7b7c

Attempting authentication without specifying a login, or when the login is not known, causes an unhandled exception to be raised in `security.py` because `None` is passed to `check_password()` as the hashed password to check against.




Attempting authentication without specifying a login, or when the login is not known, causes an unhandled exception to be raised in `security.py` because `None` is passed to `check_password()` as the hashed password to check against.






Add one-way password hash to security example in Quick Tutorial.
2016-07-21T15:06:38+00:00

Keith Yang
yang@keitheis.org

2016-07-16T08:28:25+00:00

29d12cd3917c1a792c3a891e39ab15f99e8b380d












correct title tag; punctuation
2015-05-23T22:15:52+00:00

Steve Piercy
web@stevepiercy.com

2015-05-23T22:13:58+00:00

ce2ba51a51a773af0e9b0d63236fb6522aa6cf50












undeprecate remember/forget functions and remove remember_userid/forget_userid methods from request
2013-11-09T22:11:16+00:00

Chris McDonough
chrism@plope.com

2013-11-09T22:11:16+00:00

0dcd56c2c30863c6683c0cf442aa73dfdcd11b13












convert remember/forget to request-method-based
2013-10-31T00:24:34+00:00

Chris McDonough
chrism@plope.com

2013-10-31T00:24:34+00:00

675e0d4cf01840740490c03a2e3704b0b7d98de3