dinislage/web2py
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7,543 Commits 18 Branches 72 Tags
1dea18b8a1bd6fbd64978d00a07dbdee451663f3
Commit Graph

592 Commits

Author SHA1 Message Date
mdipierro
1e450ed1d6 Merge pull request #1888 from BuhtigithuB/fix/recapchat-v1-deprecated 
Close #1887 - remove Recaptcha V1
 2018-04-18 21:59:13 -05:00
mdipierro
cec14c741a fixed no-email edit in profile 2018-04-02 23:53:05 -05:00
Richard Vézina
ff44821f05 Close #1887 - remove Recaptcha V1 2018-03-26 16:21:21 -04:00
mdipierro
a679210649 fixed aws email 2018-03-20 09:14:05 -05:00
mdipierro
2752aba471 allow sending raw emails with server='aws' 2018-03-15 17:14:00 -05:00
ilvalle
ad3c69155b fix few urllib.urlencode, close #1841 2018-02-04 09:58:16 +01:00
Roald Osinga
9bf8ca9c3b made cas_provider response py3 compatible 2018-01-05 11:49:20 +01:00
mdipierro
4a2a02d1fe fixed display of computed fields 2017-12-02 12:52:15 -06:00
mdipierro
551c19bcaf Merge pull request #1761 from josedesoto/issue/update_role_on_update_profile 
Update groups on edit profile
 2017-11-13 21:14:02 -06:00
Leonel Câmara
925f928843 Copy all CRYPT attributes thanks @abastardi 2017-11-08 11:53:29 +00:00
Leonel Câmara
228d3c41b6 Fixes #1800 2017-11-07 23:34:35 +00:00
Jose de Soto
5f4c47729b Removed a tab and replaced by spaces 2017-09-21 10:17:17 +02:00
Jose de Soto
e8cf50326d When profile is updated self._update_session_user(user) set session.user_groups to None. self.update_groups() needs to be done. 2017-09-13 11:21:03 +02:00
mdipierro
213c4ee7d1 fixed use of whitespaces 2017-08-01 10:26:33 -05:00
mdipierro
7088b74d42 Merge pull request #1705 from josedesoto/enhancement/1557 
Enhancement/1557
 2017-08-01 09:46:55 -05:00
Jose de Soto
d5167f2ed6 change_password_url parameter for alternate login methods 2017-07-31 19:00:24 +02:00
Jose de Soto
1014d3e86e new parameter to auto create or not users with alternate login methods 2017-07-31 18:33:15 +02:00
Jan Kotyz
19efbfecfa Fixes 1700 2017-07-27 11:27:41 +02:00
Leonel Câmara
b7b8a009f2 Fixes #1680 2017-07-14 20:17:30 +01:00
mdipierro
453123a8ed Merge pull request #1652 from BuhtigithuB/improve/pep8-tools-py 
Enhance tools.py PEP8 compliancy
 2017-07-10 14:11:11 -05:00
mdipierro
f657b42f65 fixed undefined variable 2017-07-02 01:34:05 -05:00
mdipierro
1c0b498880 fixed undefined variable 2017-07-02 01:32:25 -05:00
Richard Vézina
583d106104 Fix docstring py3 compatibility issues print -> print() 2017-06-21 11:33:00 -04:00
Richard Vézina
7ada2cf89a Enhance tools.py PEP8 compliancy 2017-06-21 11:27:54 -04:00
mdipierro
0674111129 fixes #1579, thanks Nico 2017-06-20 14:29:47 -05:00
mdipierro
18b755b8da fixed #1583, thanks matclab 2017-06-20 14:24:35 -05:00
Leonel Câmara
376c12a225 Fixes #1628 2017-06-05 23:35:41 +01:00
mdipierro
baa129f871 Merge pull request #1527 from leonelcamara/authapi2 
Auth refactor
 2017-05-01 09:13:18 -05:00
BrenBarn
86a2c529b9 Change to modify Service instead of adding FlexibleService 2017-01-31 14:13:43 -08:00
BrenBarn
55592e7c6e Add FlexibleService, which allows @service-style methods that accept varargs 2017-01-31 11:48:28 -08:00
Martin Doucha
e7cab3b975 Add Auth and Crud messages when updating language files 2016-12-20 18:54:20 +01:00
Leonel Câmara
bf5ec0d7cf Fixed a long standing bug in login_user which was using 'password' instead of settings.password_field 
Fixes #636
 2016-11-20 19:38:21 +00:00
Giuseppe Chiesa
2c70a858f1 implemented base support for CASv3 2016-11-17 13:30:11 +01:00
mdipierro
091d9c74b0 Merge pull request #1525 from michele-comitini/confirm_registration_redirect_fix 
keep the _next while doing the redirect
 2016-11-14 08:27:39 -06:00
Leonel Câmara
02f0bdb8d3 Auth refactor, extracted many methods into a base class for more generic auth mechanisms. 
Partially addresses #1526
Includes a solution for IS_LOWER and IS_UPPER validator problems I mentioned in #1353
 2016-11-05 16:37:22 +00:00
Michele Comitini
6b1225da02 keep the _next while doing the redirect 2016-11-04 09:59:49 +01:00
Mathieu Clabaut
2d4817841f Allow for firstname and lastname in verify_email message 2016-11-01 11:31:01 +01:00
niphlod
40d6a72b90 fixes #1455 2016-09-21 22:35:04 +02:00
kelson
fe058bf817 fixed auth.add_membership succeeding with invalid group_id/user_id 2016-08-17 17:17:34 -04:00
Giovanni Barillari
0528a347b3 Updated pyDAL to 16.08 2016-08-13 15:38:55 +02:00
mdipierro
35eaba1096 removed duplicated code, using pydal's _compat.py 2016-08-01 03:39:22 -05:00
niphlod
cae10a68c0 fixed most of py3 warnings, output is much cleaner this way 2016-07-18 23:45:28 +02:00
Jason Bohrer
0c4d254a9c Changed tuple to list 
The comparison between parts[1:3] and ('', host) would return false because a list and a tuple were being compared.
 2016-07-01 13:26:23 -04:00
mdipierro
d9c2f778ee fixed auth next open redirect 2016-07-01 02:22:15 -05:00
Th3R3p0
d95acb6897 Fixed open redirect security vulnerability. The previous filter searched for two forward slashes "//" in the "_next” parameter and if the two forward slashes were found it would check the URI and determine if the hostname matched the hostname of the web server. If not, it would change the next variable to the None. However, browsers don't require two forward slashes. As a feature, browsers accept typos such as http:google.com or http:/google.com and redirect to http://google.com. This can be used to leverage an open redirect attack even with the current filter. This commit fixes the open redirect vulnerability in the _next get parameter. Thanks to jnbrex for helping debug/write the patch for this vulnerability. 2016-06-30 17:24:47 -04:00
Alex Artigues
f87c3e260c Fix next redirect if only one / exists 2016-06-29 20:54:13 -04:00
ilvalle
48209f5bdf fix compileapp 2016-06-13 20:20:49 +02:00
ilvalle
7259516627 fix tools 2016-06-13 20:20:44 +02:00
mdipierro
a18e0e489f why is session.forget not callable in tests? 2016-06-12 21:08:33 -05:00
mdipierro
dfb0129f09 do not forget a missing session 2016-06-12 20:55:16 -05:00