Details
-
Type:
Task
-
Status:
Closed
-
Priority:
Major
-
Resolution: Cannot Reproduce
-
Affects Version/s: TAG 2018/19 Sprint 1
-
Fix Version/s: TAG 2018/19 Sprint 1
-
Component/s: OIOIOI
-
Labels:
Description
Session verification will become mandatory in Django 1.10. Please add 'django.contrib.auth.middleware.SessionAuthenticationMiddleware' to your MIDDLEWARE_CLASSES setting when you are ready to opt-in after reading the upgrade considerations in the 1.8 release notes.
Main part of this issue is understanding consequences for IP/DNS authentication of the SessionAuthenticationMiddleware
Main part of this issue is understanding consequences for IP/DNS authentication of the SessionAuthenticationMiddleware
Issue Links
- blocks
-
SIO-2154
Increment Django version to 1.10
-
Activity
- All
- Comments
- History
- Activity
- Transitions
- Commits
Hide
Artur Puzio
added a comment -
Permalink
Artur Puzio
added a comment - https://docs.djangoproject.com/en/2.1/topics/auth/default/#session-invalidation-on-password-change
Show
Artur Puzio
added a comment - https://docs.djangoproject.com/en/2.1/topics/auth/default/#session-invalidation-on-password-change
Artur Puzio
added a comment - https://docs.djangoproject.com/en/2.1/topics/auth/default/#session-invalidation-on-password-change When logging in, a hash of user's password (user.get_session_auth_hash()) is saved in user's session and verified on each request.
Therefore, it should not break things for us in terms of ipdnsauth.
Therefore, it should not break things for us in terms of ipdnsauth.
Show
Michał Sidor
added a comment - When logging in, a hash of user's password (user.get_session_auth_hash()) is saved in user's session and verified on each request.
Therefore, it should not break things for us in terms of ipdnsauth.
Michał Sidor
added a comment - When logging in, a hash of user's password (user.get_session_auth_hash()) is saved in user's session and verified on each request.
Therefore, it should not break things for us in terms of ipdnsauth. 
