Password expiration #223

Merged
merged 7 commits into from Sep 9, 2016

Conversation

Projects
None yet
4 participants
@grahamu
Contributor

grahamu commented Sep 2, 2016

Adds password expiration capability.
Adds password history.
Allows per-user setting of password expiration as well as global expiry value.
Permits disabling password history feature.
Permits specifying "no expiration".
Checks password expiration on each login. Does not check password expiration on each request.

Password history will allow password validation which enforces "cannot use old passwords" rule and other cases.

Needs tests.

grahamu added some commits Sep 1, 2016

Refactor common password change views
Bring common code into PasswordChangeMixin.
Add PasswordHistory and PasswordExpiry
Update views to save password upon signup, change pw, or reset pw.
Update LoginView to check for expired password.

Added ACCOUNT_PASSWORD_USE_HISTORY (True/False) for determining whether
or not to check password expiration.

Added ACCOUNT_PASSWORD_EXPIRY (positive int) for number of seconds until
password expires from last time it was set.
@coveralls

This comment has been minimized.

Show comment
Hide comment
@coveralls

coveralls Sep 2, 2016

Coverage Status

Coverage increased (+0.5%) to 68.46% when pulling 3635946 on password-expiration into b2691a6 on master.

coveralls commented Sep 2, 2016

Coverage Status

Coverage increased (+0.5%) to 68.46% when pulling 3635946 on password-expiration into b2691a6 on master.

Add password expiration tests
Add makemigrations.py.
@paltman

This comment has been minimized.

Show comment
Hide comment
@paltman

paltman Sep 9, 2016

Member

@brosner can we get your feedback on this, pretty please?

Member

paltman commented Sep 9, 2016

@brosner can we get your feedback on this, pretty please?

@coveralls

This comment has been minimized.

Show comment
Hide comment
@coveralls

coveralls Sep 9, 2016

Coverage Status

Coverage increased (+1.03%) to 68.984% when pulling a7a58eb on password-expiration into b2691a6 on master.

coveralls commented Sep 9, 2016

Coverage Status

Coverage increased (+1.03%) to 68.984% when pulling a7a58eb on password-expiration into b2691a6 on master.

Remove Python 3.2 from test matrix
Add Django v1.10 to test matrix.
@coveralls

This comment has been minimized.

Show comment
Hide comment
@coveralls

coveralls Sep 9, 2016

Coverage Status

Coverage increased (+1.3%) to 69.283% when pulling 76ced62 on password-expiration into b2691a6 on master.

Coverage Status

Coverage increased (+1.3%) to 69.283% when pulling 76ced62 on password-expiration into b2691a6 on master.

@coveralls

This comment has been minimized.

Show comment
Hide comment
@coveralls

coveralls Sep 9, 2016

Coverage Status

Coverage increased (+1.3%) to 69.283% when pulling 76ced62 on password-expiration into b2691a6 on master.

Coverage Status

Coverage increased (+1.3%) to 69.283% when pulling 76ced62 on password-expiration into b2691a6 on master.

@coveralls

This comment has been minimized.

Show comment
Hide comment
@coveralls

coveralls Sep 9, 2016

Coverage Status

Coverage increased (+1.3%) to 69.283% when pulling 76ced62 on password-expiration into b2691a6 on master.

coveralls commented Sep 9, 2016

Coverage Status

Coverage increased (+1.3%) to 69.283% when pulling 76ced62 on password-expiration into b2691a6 on master.

@grahamu grahamu changed the title from WIP - Password expiration to Password expiration Sep 9, 2016

@brosner

This comment has been minimized.

Show comment
Hide comment
@brosner

brosner Sep 9, 2016

Member

LGTM. Going to merge.

Member

brosner commented Sep 9, 2016

LGTM. Going to merge.

@brosner brosner merged commit 384476a into master Sep 9, 2016

3 checks passed

continuous-integration/travis-ci/pr The Travis CI build passed
Details
continuous-integration/travis-ci/push The Travis CI build passed
Details
coverage/coveralls Coverage increased (+1.3%) to 69.283%
Details

@brosner brosner deleted the password-expiration branch Sep 9, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment