Skip to content

Commit

Permalink
Merge pull request jazzband#168 from James1345/develop
Browse files Browse the repository at this point in the history
release 4.0
  • Loading branch information
belugame authored Feb 10, 2019
2 parents 4dfbdae + b82b10a commit bfb9a27
Show file tree
Hide file tree
Showing 24 changed files with 295 additions and 285 deletions.
7 changes: 7 additions & 0 deletions .isort.cfg
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
[settings]
combine_as_imports = true
default_section = THIRDPARTY
include_trailing_comma = true
known_first_party = knox
multi_line_output = 5
not_skip = __init__.py
181 changes: 75 additions & 106 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,153 +1,122 @@
3.6.0
=====
## 4.0.0

- The user serializer for each `LoginView`is now dynamic
**BREAKING** This is a major release version because it
breaks the existing API.
Changes have been made to the `create()` method on the `AuthToken` model.
It now returns the model instance and the raw `token` instead
of just the `token` to allow the `expiry` field to be included in the
success response.

Model field of `AuthToken` has been renamed from `expires` to `expiry`
to remain consistent across the code base. This patch requires you
to run a migration.

3.5.0
=====
Depending on your usage you might have to adjust your code
to fit these new changes.

- The context, token TTL and tokens per user settings in `LoginView` are now dynamic
- `AuthToken` model field has been changed from `expires` to `expiry`
- Successful login now always returns a `expiry` field for when the token expires

## 3.6.0

- The user serializer for each `LoginView`is now dynamic

3.4.0
=====
## 3.5.0

- The context, token TTL and tokens per user settings in `LoginView` are now dynamic

## 3.4.0
Our release cycle was broken since 3.1.5, hence you can not find the previous releases on pypi. We now fixed the problem.

- Adds optional token limit
- #129, #128 fixed
- \#129, \#128 fixed
- Changelog and Readme converted to markdown
- Auth header prefix is now configurable
- We ensure not to have flake8 errors in our code during our build
- MIN_REFRESH_INTERVAL is now a configurable setting

## 3.3.1
- Ensure compatibility with Django 2.1 up to Python 3.7

3.3.1
=====

- Ensure compatibility with Django 2.1 up to Python 3.7

3.3.0
=====
## 3.3.0

- **Breaking changes**: Successful authentication **ONLY** returns
`Token` object by default
now.`USER_SERIALIZER` must be overridden to return more
data.

- Introduce new setting `MIN_REFRESH_INTERVAL` to configure the time
interval (in seconds) to wait before a token is automatically refreshed.

3.2.1
=====

- Fix !111: Avoid knox failing if settings are not overwritten

3.2.0
=====

- Introduce new setting AUTO_REFRESH for controlling if token expiry
time should be extended automatically

3.1.5
=====

- Make AuthTokenAdmin more compatible with big user tables
- Extend docs regarding usage of Token Authentication as single
authentication method.
## 3.2.1
- Fix !111: Avoid knox failing if settings are not overwritten

3.1.4
=====
## 3.2.0
- Introduce new setting AUTO_REFRESH for controlling if token expiry time should be extended automatically

- Fix compability with django-rest-swagger (bad inheritance)
## 3.1.5
- Make AuthTokenAdmin more compatible with big user tables
- Extend docs regarding usage of Token Authentication as single authentication method.

3.1.3
=====
## 3.1.4
- Fix compability with django-rest-swagger (bad inheritance)

- Avoid 500 error response for invalid-length token requests
## 3.1.3
- Avoid 500 error response for invalid-length token requests

3.1.2
=====
## 3.1.2
- restore compability with Python <2.7.7

- restore compability with Python <2.7.7
## 3.1.1
- use hmac.compare_digest instead of == for comparing hashes for more security

3.1.1
=====
## 3.1.0
- drop Django 1.8 support as djangorestframework did so too in v.3.7.0
- build rest-knox on Django 1.11 and 2.0

- use hmac.compare_digest instead of == for comparing hashes for more
security
## 3.0.3
- drop using OpenSSL in favor of urandom

3.1.0
=====
## 3.0.2
- Add context to UserSerializer
- improve docs

- drop Django 1.8 support as djangorestframework did so too in v.3.7.0
- build rest-knox on Django 1.11 and 2.0
## 3.0.1
- improved docs and readme
- login response better supporting hyperlinked fields

3.0.3
=====
## 3.0.0
**Please be aware: updating to this version requires applying a database migration. All clients will need to reauthenticate.**

- drop using OpenSSL in favor of urandom
- Big performance fix: Introduction of token_key field to avoid having to compare a login request's token against each and every token in the database (issue #21)
- increased test coverage

3.0.2
=====
## 2.2.2
- Bugfix: invalid token length does no longer trigger a server error
- Extending documentation

- Add context to UserSerializer
- improve docs
## 2.2.1
**Please be aware: updating to his version requires applying a database migration**

3.0.1
=====

- improved docs and readme
- login response better supporting hyperlinked fields

3.0.3
=====

- drop using OpenSSL in favor of urandom

3.0.2
=====

- Add context to UserSerializer
- improve docs

3.0.1
=====

- improved docs and readme
- login response better supporting hyperlinked fields

3.0.0
=====

**Please be aware: updating to this version requires applying a database
migration. All clients will need to reauthenticate.**

- Big performance fix: Introduction of token_key field to avoid
having to compare a login request's token against each and every
token in the database (issue #21)
- increased test coverage

2.2.2
=====
- Introducing token_key to avoid loop over all tokens on login-requests
- Signals are sent on login/logout
- Test for invalid token length
- Cleanup in code and documentation

- Bugfix: invalid token length does no longer trigger a server error
- Extending documentation

2.2.1
=====
## 2.2.0

**Please be aware: updating to this version requires applying a database
migration**
- Change to support python 2.7

- Introducing token_key to avoid loop over all tokens on
login-requests
- Signals are sent on login/logout
- Test for invalid token length
- Cleanup in code and documentation
## 2.0.0
- Hashing of tokens on the server introduced.
- Updating to this version will clean the AuthToken table. In real terms, this
means all users will be forced to log in again.

2.2.0
=====
## 1.1.0
- `LoginView` changed to respect `DEFAULT_AUTHENTICATION_CLASSES`

- Change to support python 2.7
## 1.0.0
- Initial release
28 changes: 28 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -50,3 +50,31 @@ Django versions.

You could also simply run regular ``tox`` in the root folder as well, but that would make testing the matrix of
Python / Django versions a bit more tricky.

# Work on the documentation

Our documentation is generated by [Mkdocs](https://www.mkdocs.org).

You can refer to their documentation on how to install it locally.

Another option is to use `mkdocs.sh` in this repository.
It will run mkdocs in a [docker](https://www.docker.com/) container.

Running the script without any params triggers the `serve` command.
The server is exposed on localhost on port 8000.

To configure the port the `serve` command will be exposing the server to, you
can use the following env var:

```
MKDOCS_DEV_PORT="8080"
```

You can also pass any `mkdocs` command like this:

```
./mkdocs build
./mkdocs --help
```

Check the [Mkdocs documentation](https://www.mkdocs.org/) for more.
1 change: 1 addition & 0 deletions docs/changelog.md
92 changes: 0 additions & 92 deletions docs/changes.md

This file was deleted.

2 changes: 1 addition & 1 deletion docs/settings.md
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ REST_KNOX = {
'TOKEN_TTL': timedelta(hours=10),
'USER_SERIALIZER': 'knox.serializers.UserSerializer',
'TOKEN_LIMIT_PER_USER': None,
'AUTO_REFRESH': FALSE,
'AUTO_REFRESH': False,
}
#...snip...
```
Expand Down
2 changes: 2 additions & 0 deletions docs/views.md
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,8 @@ helper methods:
---
When the endpoint authenticates a request, a json object will be returned
containing the `token` key along with the actual value for the key by default.
The success response also includes a `expiry` key with a timestamp for when
the token expires.

> *This is because `USER_SERIALIZER` setting is `None` by default.*
Expand Down
1 change: 1 addition & 0 deletions knox/admin.py
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
from django.contrib import admin

from knox import models


Expand Down
Loading

0 comments on commit bfb9a27

Please sign in to comment.