Conversation
|
@mart-e how good is to see you contributing to OCA! Thanks for the PR. I see that you have realized about the split of server-tools as it was very over-crowded. The only problem is about commit history. Please see migration guide https://github.com/OCA/maintainer-tools/wiki/Migration-to-version-11.0, but in this case you will need to add as remote server-tools and change slightly the |
* [ADD] res_users_password_security: New module * Create new module to lock down user passwords * [REF] res_users_password_security: PR Review fixes * Also add beta pass history rule * [ADD] res_users_password_security: Pass history and min time * Add pass history memory and threshold * Add minimum time for pass resets through web reset * Begin controller tests * Fix copyright, wrong year for new file * Add tests for password_security_home * Left to do web_auth_reset_password * Fix minimum reset threshold and finish tests * Bug fixes per review * [REF] password_security: PR review improvements * Change tech name to password_security * Use new except format * Limit 1 & new api * Cascade deletion for pass history * [REF] password_security: Fix travis + style * Fix travis errors * self to cls * Better variable names in tests * [FIX] password_security: Fix travis errors
* Bump versions * Installable to True * Add Usage section to ReadMe w/ Runbot link * `_crypt_context` now directly exposes the `CryptContext` * Change all instances of openerp to odoo
* Add current time as password_write_date for admin user in demo, disabling the reset prompt - fixes OCA#652
* Switch security to be on correct model to fix OCA#674
…ord invalid (OCA#859) * [FIX] password_security: Fix password stored * [REF] password_security: use a unified check_password private method to validate rules and history password
* Add logic to overloaded web_login action to log out users with expired passwords, preventing the password reset from being ignored * Add unit test for new logic
Move to server-auth Bump version number Remove coding utf-8
mart-e
force-pushed
the
11.0-migrate-password-security
branch
from
826b022 to
2e79a99
Compare
|
There's already another PR for the same module in #3. This one passes all the CIs and the other not, but we should agree what to do, as first PR usually has priority. |
|
Oh I missed that one. Sure, if he fixes all the issues, it should have the priority obviously. |
|
FYI, the issue in the rendering of the error message was fixed upstream at odoo/odoo@c3bf1618bd9 |
|
Thanks for that, Martin! |
|
Oops, I think we should close this in favor of #3, no? |
Syncing from upstream OCA/server-auth (11.0)
…que-user [IMP] Ensure login unicity for users coming from cross server client
8 participants
Move to server-auth
Bump version number
Remove coding utf-8
As it is the hacktoberfest, it is the occasion to help outside projects than Odoo
Note: while testing this module, I noticed the error message during signup to be badly formed (
('Password must be 12 characters or more.\rMust contain the following:\r\n* Lowercase letter\r\n* Uppercase letter\r\n* Numeric digit\r\n* Special character', '')) but it looks this is actually a bug ofauth_signupthatUserErrorare not properly displayed in the signup form.Will check on core how to fix that so you may want to wait that this bug is fixed before merging this one.