Re: New Feature: Allow password reset token to expire in under a day

[nleblanc]

+1

Would also be nice if there was a way to "clear / invalidate" current token 
for a given user

On Wednesday, September 20, 2017 at 10:56:21 PM UTC-4, Zhiqiang Liu wrote:
>
> I need general consensus on how to proceed with supporting password expire 
> time to be under a day. Currently it is not possible because we use 
> PASSWORD_RESET_TIMEOUT_DAYS.
>
> In ticket 28622  we have two 
> options. 
>
> One is to continue to use the same setting PASSWORD_RESET_TIMEOUT_DAYS, 
> but change the value to non-integer (such as timedelta) so we can send 
> hours, minutes, etc to it.
>
> The other one is to create a new setting like PASSWORD_RESET_TIMEOUT which 
> takes seconds.To support backward compatibility, I think we should keep 
> PASSWORD_RESET_TIMEOUT_DAYS and its default value of 3. Only use 
> PASSWORD_RESET_TIMEOUT when provided.
>
> I'm unsure which one is better, so inputs are welcome.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers  (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-developers+unsubscr...@googlegroups.com.
To post to this group, send email to django-developers@googlegroups.com.
Visit this group at https://groups.google.com/group/django-developers.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-developers/fab5e09c-2170-4572-a551-edb4f1cd9a74%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Additional PostgreSQL-specific functions

[Joey Wilhelm]

Ping!

Is there any chance of getting some additional guidance on these? I'd love
to get these contributed, if they are welcome!

-Joey Wilhelm

On Fri, Nov 17, 2017 at 1:22 PM, Joey Wilhelm  wrote:

> I did come upon that ticket, but I wasn't sure this necessarily belonged
> as part of it, given that these are not methods which are widely available
> across different engines. That said, I would gladly add them there. I'm
> just eager to spin up a PR or two. :-)
>
> On Fri, Nov 17, 2017 at 1:12 PM, Matthew Pava 
> wrote:
>
>> I wonder if we should put that in this ticket:
>>
>> https://code.djangoproject.com/ticket/28643
>>
>>
>>
>>
>>
>> *From:* django-developers@googlegroups.com [mailto:django-developers@goog
>> legroups.com] *On Behalf Of *Joey Wilhelm
>> *Sent:* Friday, November 17, 2017 2:02 PM
>> *To:* django-developers@googlegroups.com
>> *Subject:* Additional PostgreSQL-specific functions
>>
>>
>>
>> Greetings,
>>
>>
>>
>> Yesterday I opened a ticket[1] for a "RegexpReplace" method for
>> PostgreSQL. After some talk and encouragement over in IRC, I have
>> additionally created a "SubstrFrom" function for PostgreSQL, which allows
>> you to use a regex match in order to extract your substring.
>>
>>
>>
>> So at this point, I have a couple of questions.
>>
>>
>>
>> 1) Are these things which would likely get integrated into core?
>>
>> 2) If so, should I put them into separate tickets or would I be able to
>> combine them into a single?
>>
>> 3) Should they be added to the PostgreSQL specific library? Oracle does
>> have both of these pieces of functionality, but I believe it is the only
>> popular engine aside from PostgreSQL which does.
>>
>>
>>
>> I have the code for both of these implemented in my local project, along
>> with tests, so I would love to contribute them if possible.
>>
>>
>>
>> Thank you!
>>
>>
>>
>>
>>
>> [1]: https://code.djangoproject.com/ticket/28805
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Django developers (Contributions to Django itself)" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to django-developers+unsubscr...@googlegroups.com.
>> To post to this group, send email to django-developers@googlegroups.com.
>> Visit this group at https://groups.google.com/group/django-developers.
>> To view this discussion on the web visit https://groups.google.com/d/ms
>> gid/django-developers/CADBkHd%2Be3GodbKvDFXq0dAgwzs4n%3DFgLG
>> HTYsbhuiQWDOcB64Q%40mail.gmail.com
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Django developers (Contributions to Django itself)" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to django-developers+unsubscr...@googlegroups.com.
>> To post to this group, send email to django-developers@googlegroups.com.
>> Visit this group at https://groups.google.com/group/django-developers.
>> To view this discussion on the web visit https://groups.google.com/d/ms
>> gid/django-developers/fa1db399bca544eebeeb0b261752ffeb%40ISS1.ISS.LOCAL
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers  (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-developers+unsubscr...@googlegroups.com.
To post to this group, send email to django-developers@googlegroups.com.
Visit this group at https://groups.google.com/group/django-developers.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-developers/CADBkHdJ0PzumHrq96HCv0LP7jTjLtZjrXxSC9WVibnQ7E6Nw_Q%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: Password validation Error with Latin characters

[Ramiro Morales]

Adrian,

I suspect:

1) Django is doing its work: It's checking the strenght and robustness of
the password. It's detecting the password the user has chosen is too
similar to their user name.

2) So, the fact the text shown has latin characters has nothng to do with
the issue you are seeing.

3) The translation ('es') you are using isn't correct (
https://github.com/django/django/blob/1a34dfcf797640d5d580d261694cb54e6f97c552/django/contrib/auth/locale/es/LC_MESSAGES/django.po#L258)
and this might be what is misleading you.

   The original English text is

 The password is too similar to the %(verbose_name)s.

   and the translation should be:

 La contraseña es demasiado similar a {{ verbose_name }}

   verbose_name has the value "nombre de usuario" in this context.

   To confirm this you could temporarily set the languante to English
(en-us) or to the es-ar (castellano as it's used in Argentina) and verify
the original text/a more correct translation (
https://github.com/django/django/blob/1a34dfcf797640d5d580d261694cb54e6f97c552/django/contrib/auth/locale/es_AR/LC_MESSAGES/django.po#L253
)

As Claude said, Please open a thread in the django-users mailing lis i f
you need to follow up this.


On Thu, Nov 30, 2017 at 9:09 AM, Adrian Mansilla 
wrote:

> Thanks for the reply.
> I assumed that the error is in django because I do not send that message,
> Django sends it, the error is in:
>
> django/contrib/auth/password_validation.py
>
> And it's because my configuration is in Spanish.
>
> El jueves, 30 de noviembre de 2017, 3:48:28 (UTC-4), Claude Paroz escribió:
>>
>> Hi Adrian,
>>
>> I don't see anything related to Django development in your post. Maybe
>> this was more for the django-users mailing list?
>>
>> Claude
>>
>> Le jeudi 30 novembre 2017 02:39:31 UTC+1, Adrian Mansilla a écrit :
>>>
>>> I am using the function 'validate_password (password, new_user)' and I
>>> have my settings configured in Spanish, the problem comes when the
>>> validate_password function raises an error with the word 'contraseña' and
>>> shows me this error:
>>> ValidationError: [u'La contrase\xf1a es demasiado similar a la de nombre
>>> de usuario.']
>>> I am using python 2.7 and Django 1.11.4
>>>
>>> This is the traceback:
>>>
>>> Traceback (most recent call last):
>>>   File 
>>> "/Users/adrianmansilla/Documents/sisgos/venv/lib/python2.7/site-packages/django/core/handlers/exception.py",
>>>  line 41, in inner
>>> response = get_response(request)
>>>   File 
>>> "/Users/adrianmansilla/Documents/sisgos/venv/lib/python2.7/site-packages/django/core/handlers/base.py",
>>>  line 187, in _get_response
>>> response = self.process_exception_by_middleware(e, request)
>>>   File 
>>> "/Users/adrianmansilla/Documents/sisgos/venv/lib/python2.7/site-packages/django/core/handlers/base.py",
>>>  line 185, in _get_response
>>> response = wrapped_callback(request, *callback_args, **callback_kwargs)
>>>   File 
>>> "/Users/adrianmansilla/Documents/sisgos/venv/lib/python2.7/site-packages/django/contrib/auth/decorators.py",
>>>  line 23, in _wrapped_view
>>> return view_func(request, *args, **kwargs)
>>>   File 
>>> "/Users/adrianmansilla/Documents/sisgos/venv/lib/python2.7/site-packages/django/utils/decorators.py",
>>>  line 185, in inner
>>> return func(*args, **kwargs)
>>>   File "/Users/adrianmansilla/Documents/sisgos/sisgos/company/views.py", 
>>> line 129, in new_user
>>> validate_password(password, new_user)
>>>   File 
>>> "/Users/adrianmansilla/Documents/sisgos/venv/lib/python2.7/site-packages/django/contrib/auth/password_validation.py",
>>>  line 56, in validate_password
>>> raise ValidationError(errors)
>>> ValidationError: [u'La contrase\xf1a es demasiado similar a la de nombre de 
>>> usuario.']
>>>
>>> --
> You received this message because you are subscribed to the Google Groups
> "Django developers (Contributions to Django itself)" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-developers+unsubscr...@googlegroups.com.
> To post to this group, send email to django-developers@googlegroups.com.
> Visit this group at https://groups.google.com/group/django-developers.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/django-developers/867d623d-7707-4f16-a779-
> 293d8643b80f%40googlegroups.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>



-- 
Ramiro Morales
@ramiromorales

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers  (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-developers+unsubscr...@googlegroups.com.
To post to this group, send email to django-developers@googlegroups.com.
Visit this group at https://groups

Re: Feature request: get_first_or_404

[Robert Roskam]

I'd like a better fleshed out example from OP, as it seems trivial to 
implement yourself whenever you need it. It may be that I'm not 
understanding the suggestion.

On Wednesday, November 29, 2017 at 2:20:39 AM UTC-5, Sergey Fedoseev wrote:
>
> IMO it shouldn't be added to Django because the same thing can be done in 
> one line: get_object_or_404(qs[:1]), but we could add such using to 
> get_object_or_404() docs.
>
> On Wednesday, November 29, 2017 at 3:41:54 AM UTC+5, Piotr Domański wrote:
>>
>> Currently we have get_object_or_404 and get_list_or_404 but sometimes we 
>> just want to get first matching record for some criteria.
>> If criteria aren't unique then get_object_or_404 raises 
>> MultipleObjectsReturned so request ends with internal server error.
>>
>> My idea is to add function which returns just first matching element and 
>> ends with 404 if no elements match.
>> This function will have parameter order_by (optional or required) of type 
>> List['str'] 
>> which determines which element choose first if there are many matching 
>> elements.
>>
>> In my opinion addition of this feature is good idea, because it is useful 
>> and safe for Django framework.
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers  (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-developers+unsubscr...@googlegroups.com.
To post to this group, send email to django-developers@googlegroups.com.
Visit this group at https://groups.google.com/group/django-developers.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-developers/9df713de-2141-4a3e-91ab-141a6e8d47dd%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Password validation Error with Latin characters

[Adrian Mansilla]

Thanks for the reply.
I assumed that the error is in django because I do not send that message, 
Django sends it, the error is in:

django/contrib/auth/password_validation.py

And it's because my configuration is in Spanish.

El jueves, 30 de noviembre de 2017, 3:48:28 (UTC-4), Claude Paroz escribió:
>
> Hi Adrian,
>
> I don't see anything related to Django development in your post. Maybe 
> this was more for the django-users mailing list?
>
> Claude
>
> Le jeudi 30 novembre 2017 02:39:31 UTC+1, Adrian Mansilla a écrit :
>>
>> I am using the function 'validate_password (password, new_user)' and I 
>> have my settings configured in Spanish, the problem comes when the 
>> validate_password function raises an error with the word 'contraseña' and 
>> shows me this error:
>> ValidationError: [u'La contrase\xf1a es demasiado similar a la de nombre 
>> de usuario.']
>> I am using python 2.7 and Django 1.11.4
>>
>> This is the traceback:
>>
>> Traceback (most recent call last):
>>   File 
>> "/Users/adrianmansilla/Documents/sisgos/venv/lib/python2.7/site-packages/django/core/handlers/exception.py",
>>  line 41, in inner
>> response = get_response(request)
>>   File 
>> "/Users/adrianmansilla/Documents/sisgos/venv/lib/python2.7/site-packages/django/core/handlers/base.py",
>>  line 187, in _get_response
>> response = self.process_exception_by_middleware(e, request)
>>   File 
>> "/Users/adrianmansilla/Documents/sisgos/venv/lib/python2.7/site-packages/django/core/handlers/base.py",
>>  line 185, in _get_response
>> response = wrapped_callback(request, *callback_args, **callback_kwargs)
>>   File 
>> "/Users/adrianmansilla/Documents/sisgos/venv/lib/python2.7/site-packages/django/contrib/auth/decorators.py",
>>  line 23, in _wrapped_view
>> return view_func(request, *args, **kwargs)
>>   File 
>> "/Users/adrianmansilla/Documents/sisgos/venv/lib/python2.7/site-packages/django/utils/decorators.py",
>>  line 185, in inner
>> return func(*args, **kwargs)
>>   File "/Users/adrianmansilla/Documents/sisgos/sisgos/company/views.py", 
>> line 129, in new_user
>> validate_password(password, new_user)
>>   File 
>> "/Users/adrianmansilla/Documents/sisgos/venv/lib/python2.7/site-packages/django/contrib/auth/password_validation.py",
>>  line 56, in validate_password
>> raise ValidationError(errors)
>> ValidationError: [u'La contrase\xf1a es demasiado similar a la de nombre de 
>> usuario.']
>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers  (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-developers+unsubscr...@googlegroups.com.
To post to this group, send email to django-developers@googlegroups.com.
Visit this group at https://groups.google.com/group/django-developers.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-developers/867d623d-7707-4f16-a779-293d8643b80f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.