Skip to content

Conversation

eadwinCode
Copy link
Owner

No description provided.

Pijuli and others added 30 commits January 24, 2022 23:56
* chore: test on Django 4.0

* Remove Django 3.1 support from trove

* Remove Django 3.1 from tox

* Remove 3.1 reference in tox.ini

Co-authored-by: Andrew Chen Wang <[email protected]>
* OutstandingToken user on_delete should be null

* Add test to verify that deleting a User doesn't remove tokens from the blacklist

This is a rather unexpected default behavior. Deleting a User means that
their blacklisted tokens become live again.

* Add migration for cascading User deletion to SET_NULL instead of DELETE

* [pre-commit.ci] auto fixes from pre-commit.com hooks

for more information, see https://pre-commit.ci

Co-authored-by: Andrew Chen Wang <[email protected]>
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
updates:
- [github.com/pre-commit/pre-commit-hooks: v4.0.1 → v4.1.0](pre-commit/pre-commit-hooks@v4.0.1...v4.1.0)
- [github.com/asottile/yesqa: v1.2.3 → v1.3.0](asottile/yesqa@v1.2.3...v1.3.0)
- [github.com/pycqa/isort: 5.9.3 → 5.10.1](PyCQA/isort@5.9.3...5.10.1)
- [github.com/psf/black: 21.9b0 → 21.12b0](psf/black@21.9b0...21.12b0)
- [github.com/pre-commit/pre-commit-hooks: v4.0.1 → v4.1.0](pre-commit/pre-commit-hooks@v4.0.1...v4.1.0)
- [github.com/asottile/pyupgrade: v2.28.0 → v2.31.0](asottile/pyupgrade@v2.28.0...v2.31.0)

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
* Parameterize some tests to reduce duplication and make it easy to add more algorithms

This way new algorithms can be added to the basic test set simply by
adding their backends to TestTokenBackend.backends.

* Enable ECDSA algorithms supported by PyJWT

Enable the algorithms and add basic tests for them.

Also convert the ALLOWED_ALGORITHMS constant to a set for a minor style
cleanup.

* [pre-commit.ci] auto fixes from pre-commit.com hooks

for more information, see https://pre-commit.ci

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
For most cases this could be done by overriding get_token, which is simple
enough. The exception was TokenRefreshSerializer.validate where the entire
method needed to be copy-pasted to allow using a custom replacement for
RefreshToken. The other cases are changed the same way mainly for
consistency.
updates:
- [github.com/psf/black: 21.12b0 → 22.1.0](psf/black@21.12b0...22.1.0)

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
* Add default __getattr__ behavior to models.TokenUser to allow getting custom claims defined in serializers

* [pre-commit.ci] auto fixes from pre-commit.com hooks

for more information, see https://pre-commit.ci

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
* Add locale checker to CI

* Just pip install Django

* Add gettext package to OS

* Add sudo to apt-get

* Use @2ykwang 's updated script

* [pre-commit.ci] auto fixes from pre-commit.com hooks

for more information, see https://pre-commit.ci

* Only update on push to master
* To avoid pain points of PRs and histories being split
* Trying to use Andrew's username for pushing to see if that works

* Use separate workflow file

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
* Update CHANGELOG.md for v5.0.1

* Update CHANGELOG.md

* Remove looking for maintainers in README since Jazzband

Co-authored-by: Andrew Chen Wang <[email protected]>
updates:
- [github.com/asottile/pyupgrade: v2.31.0 → v2.31.1](asottile/pyupgrade@v2.31.0...v2.31.1)

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
updates:
- [github.com/psf/black: 22.1.0 → 22.3.0](psf/black@22.1.0...22.3.0)

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
* Fix lewway type error

* Add test case

* Update Korean translation

* Add type hints

* [pre-commit.ci] auto fixes from pre-commit.com hooks

for more information, see https://pre-commit.ci

* Fix translation

revert POT-Creation-Date

* update translation

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Andrew-Chen-Wang and others added 30 commits February 26, 2025 20:19
As per [discussion](#779 (comment)), this PR adds a warning if a developer tries to create the token for the non-active user.

Part of #779
* Mapping messages that needed to be translated.

* Generating pt_BR translation file, translating and reviewing.

* Adjust message references in pt_BR translations.

* Add translations for blacklisted token messages in languages other than pt_BR.
* Repair the type annotations in the TokenViewBase class.

* [pre-commit.ci] auto fixes from pre-commit.com hooks

for more information, see https://pre-commit.ci

* Ah, python3.9 did support parameterizing the 'type' type.  I wasn't sure.  So we don't need the Type from typing.

* The abstract type is BaseSerializer, not Serializer

---------

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
* fix: Do not copy `iat` claim from refresh token

* fix test by freezing time
updates:
- [github.com/astral-sh/ruff-pre-commit: v0.9.7 → v0.9.10](astral-sh/ruff-pre-commit@v0.9.7...v0.9.10)

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Co-authored-by: Ashwanth Balakrishnan <[email protected]>
* fix: add missing migration for token_blacklist app

PR #879 modified both the OutstandingToken and BlacklistedToken models Meta class, but did not include the migration. This commit adds the missing migration file.

* [pre-commit.ci] auto fixes from pre-commit.com hooks

for more information, see https://pre-commit.ci

* test: Add check for ungenerated migrations

This adds a test to ensure all model changes are reflected in migrations.
If ungenerated migrations are detected, the test will fail, enforcing
migration consistency.

References:
- PR #894
- Issue #895

* [pre-commit.ci] auto fixes from pre-commit.com hooks

for more information, see https://pre-commit.ci

---------

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
- Added Django 5.2 to the GitHub Actions workflow matrix
- Updated tox.ini to include Django 5.2 test environments
- Declared Django 5.2 support in setup.py classifiers and deps
This should fix #877.
* fix: always stringify user_id claim
* loose PyJWT requirement
updates:
- [github.com/astral-sh/ruff-pre-commit: v0.9.10 → v0.12.3](astral-sh/ruff-pre-commit@v0.9.10...v0.12.3)
- [github.com/asottile/pyupgrade: v3.19.1 → v3.20.0](asottile/pyupgrade@v3.19.1...v3.20.0)

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Co-authored-by: Andrew-Chen-Wang <[email protected]>
updates:
- [github.com/astral-sh/ruff-pre-commit: v0.12.3 → v0.12.4](astral-sh/ruff-pre-commit@v0.12.3...v0.12.4)

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v4...v5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Check user before passing it to the rule
* Use `Optional` in the type annotation for the default user authentication rule since the user can be `None`
* feat(auth): Revoke refresh token on password change

* [pre-commit.ci] auto fixes from pre-commit.com hooks

for more information, see https://pre-commit.ci

* refactor(serializers): Correct validation order in TokenRefreshSerializer

* refactor: centralize password changed error messages in error dictionaries

* [pre-commit.ci] auto fixes from pre-commit.com hooks

for more information, see https://pre-commit.ci

* feat(serializers): Add full user validation to sliding token refresh

Implements the same user validation logic (active status, password change)
in  to ensure consistent behavior with the
standard .

* refactor: Inline password hash comparison in serializers

Simplifies the conditional check by removing temporary variables for the token hash and user password hash.

* [pre-commit.ci] auto fixes from pre-commit.com hooks

for more information, see https://pre-commit.ci

* BREAKING: return 401 AuthenticationFailed instead of 404 DoesNotExist for missing users

---------

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
* Fix typo in changelog

* Update CHANGELOG.md
updates:
- [github.com/pre-commit/pre-commit-hooks: v5.0.0 → v6.0.0](pre-commit/pre-commit-hooks@v5.0.0...v6.0.0)
- [github.com/astral-sh/ruff-pre-commit: v0.12.4 → v0.12.10](astral-sh/ruff-pre-commit@v0.12.4...v0.12.10)
- [github.com/pre-commit/pre-commit-hooks: v5.0.0 → v6.0.0](pre-commit/pre-commit-hooks@v5.0.0...v6.0.0)

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Co-authored-by: Andrew-Chen-Wang <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.