From 04c15fdc4da0c46510e37d4ba790c02e84c1e733 Mon Sep 17 00:00:00 2001 From: Taiwo ADEGITE Date: Tue, 26 Jul 2022 02:27:34 +0100 Subject: [PATCH 1/6] Updated README.md Changes made were done to make the README.md easy to read. --- README.md | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 203db1f1..5303435e 100644 --- a/README.md +++ b/README.md @@ -5,13 +5,13 @@ django-rest-knox Authentication Module for django rest auth -Knox provides easy to use authentication for [Django REST +Knox provides easy-to-use authentication for [Django REST Framework](https://www.django-rest-framework.org/) The aim is to allow -for common patterns in applications that are REST based, with little +for common patterns in applications that are REST-based, with little extra effort; and to ensure that connections remain secure. -Knox authentication is token based, similar to the `TokenAuthentication` -built in to DRF. However, it overcomes some problems present in the +Knox authentication is token-based, similar to the `TokenAuthentication` +built into DRF. However, it overcomes some problems present in the default implementation: - DRF tokens are limited to one per user. This does not facilitate @@ -23,13 +23,14 @@ default implementation: client to have its own token which is deleted on the server side when the client logs out. - Knox also provides an option for a logged in client to remove *all* + Knox also provides an option for a logged-in client to remove *all* tokens that the server has - forcing all clients to re-authenticate. - DRF tokens are stored unencrypted in the database. This would allow - an attacker unrestricted access to an account with a token if the + an attacker unrestricted access to an account with a token if the database were compromised. + Knox tokens are only stored in a secure hash form (like a password). Even if the database were somehow stolen, an attacker would not be able to log in with the stolen credentials. @@ -55,7 +56,7 @@ Python / Django versions a bit more tricky. Our documentation is generated by [Mkdocs](https://www.mkdocs.org). -You can refer to their documentation on how to install it locally. +You can refer to their [documentation](https://www.mkdocs.org/user-guide/installation/) on how to install it locally. Another option is to use `mkdocs.sh` in this repository. It will run mkdocs in a [docker](https://www.docker.com/) container. From 1796ad834969785a1a315e44bdbd2fd0e81bd355 Mon Sep 17 00:00:00 2001 From: Taiwo ADEGITE Date: Tue, 26 Jul 2022 03:02:00 +0100 Subject: [PATCH 2/6] Undated index.md --- docs/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/index.md b/docs/index.md index 1619797b..4a674fed 100644 --- a/docs/index.md +++ b/docs/index.md @@ -1,10 +1,10 @@ # Django-Rest-Knox -Knox provides easy to use authentication for [Django REST Framework](https://www.django-rest-framework.org/) +Knox provides easy-to-use authentication for [Django REST Framework](https://www.django-rest-framework.org/) The aim is to allow for common patterns in applications that are REST based, with little extra effort; and to ensure that connections remain secure. Knox authentication is token based, similar to the `TokenAuthentication` built -in to DRF. However, it overcomes some problems present in the default implementation: +into DRF. However, it overcomes some problems present in the default implementation: - DRF tokens are limited to one per user. This does not facilitate securely signing in from multiple devices, as the token is shared. It also requires From 9b341681d1cd74d0e91d62c93953d12033dbc458 Mon Sep 17 00:00:00 2001 From: nbro Date: Mon, 1 Apr 2024 23:08:49 +0200 Subject: [PATCH 3/6] Fix README.md --- README.md | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 8a5ca1d7..eec181ac 100644 --- a/README.md +++ b/README.md @@ -4,10 +4,10 @@ django-rest-knox [![Jazzband](https://jazzband.co/static/img/badge.svg)](https://jazzband.co/) [![image](https://github.com/jazzband/django-rest-knox/workflows/Test/badge.svg?branch=develop)](https://github.com/jazzband/django-rest-knox/actions) -Authentication Module for django rest auth +Authentication module for Django rest auth. Knox provides easy to use authentication for [Django REST -Framework](https://www.django-rest-framework.org/) The aim is to allow +Framework](https://www.django-rest-framework.org/). The aim is to allow for common patterns in applications that are REST based, with little extra effort; and to ensure that connections remain secure. @@ -44,8 +44,7 @@ More information can be found in the # Run the tests locally -If you need to debug a test locally and if you have [docker](https://www.docker.com/) installed: - +If you need to debug a test locally and if you have [docker](https://www.docker.com/) installed, simply run the ``./docker-run-tests.sh`` script and it will run the test suite in every Python / Django versions. From 7d21736ff60c590c9f0531c7c53b7e2d0f46417e Mon Sep 17 00:00:00 2001 From: Angus Holder Date: Fri, 26 Apr 2024 17:35:10 +0100 Subject: [PATCH 4/6] Avoid importing `django.test` in main code `setting_changed` is actually from `django.core.signals`, and is re-exported from `django.test.signals`. `django.test` takes 20-40ms to import, so not too much, but it's an easy win to avoid this import. --- knox/settings.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/knox/settings.py b/knox/settings.py index d1b09347..a2c3d9c8 100644 --- a/knox/settings.py +++ b/knox/settings.py @@ -1,7 +1,7 @@ from datetime import timedelta from django.conf import settings -from django.test.signals import setting_changed +from django.core.signals import setting_changed from rest_framework.settings import APISettings, api_settings USER_SETTINGS = getattr(settings, 'REST_KNOX', None) From cde8a888bff833dca3ee503699c701dfc4de0150 Mon Sep 17 00:00:00 2001 From: Giovanni Cimolin Date: Fri, 3 May 2024 10:33:46 +0200 Subject: [PATCH 5/6] feat: Add action to build and deploy pages to GH-Pages --- .github/workflows/gh-pages.yml | 34 ++++++++++++++++++++++++++++++++++ mkdocs.sh | 2 +- 2 files changed, 35 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/gh-pages.yml diff --git a/.github/workflows/gh-pages.yml b/.github/workflows/gh-pages.yml new file mode 100644 index 00000000..7f3937b6 --- /dev/null +++ b/.github/workflows/gh-pages.yml @@ -0,0 +1,34 @@ +name: Publish Docs to GitHub Pages + +permissions: + contents: write + +on: + push: + branches: + - develop + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v2 + + - name: Set up Python + uses: actions/setup-python@v2 + with: + python-version: 3.x + + - name: Install dependencies + run: pip install mkdocs-material + + - name: Build docs + run: mkdocs build + + - name: Deploy to GitHub Pages + uses: peaceiris/actions-gh-pages@v3 + with: + personal_token: ${{ secrets.GITHUB_TOKEN }} + publish_dir: ./site \ No newline at end of file diff --git a/mkdocs.sh b/mkdocs.sh index ac64849e..8365e1ae 100755 --- a/mkdocs.sh +++ b/mkdocs.sh @@ -9,4 +9,4 @@ docker run --rm -it \ -w $MOUNT_FOLDER \ -p $MKDOCS_DEV_PORT:$MKDOCS_DEV_PORT \ -e MKDOCS_DEV_ADDR="$MKDOCS_DEV_ADDR:$MKDOCS_DEV_PORT" \ - squidfunk/mkdocs-material:3.2.0 $* + squidfunk/mkdocs-material:latest $* From f7eae694191d2a8b9c7dcbb9a88d0738a4036259 Mon Sep 17 00:00:00 2001 From: Calum Young Date: Sat, 4 May 2024 22:02:39 +0100 Subject: [PATCH 6/6] Remove flake8 and isort from tox config --- tox.ini | 19 +------------------ 1 file changed, 1 insertion(+), 18 deletions(-) diff --git a/tox.ini b/tox.ini index 3a159a54..aaf77486 100644 --- a/tox.ini +++ b/tox.ini @@ -1,25 +1,9 @@ [tox] envlist = - isort, - flake8, py{36,37,38,39,310}-django32, py{38,39,310,311,312}-django42, py{310,311,312}-django50, -[testenv:flake8] -deps = flake8 -changedir = {toxinidir} -commands = flake8 knox - -[testenv:isort] -deps = isort -changedir = {toxinidir} -commands = isort --check-only --diff \ - knox \ - knox_project/views.py \ - setup.py \ - tests - [testenv] commands = python manage.py migrate @@ -33,7 +17,6 @@ deps = django42: Django>=4.2,<4.3 django50: Django>=5.0,<5.1 markdown>=3.0 - isort>=5.0 djangorestframework freezegun mkdocs @@ -50,5 +33,5 @@ python = 3.8: py38 3.9: py39 3.10: py310 - 3.11: py311, isort, flake8 + 3.11: py311 3.12: py312