Changelog

History

2.0.1 (2016-03-02)

  • Version number bump to upload a new package to PyPI. The previously-built wheel included some outdated files that we want to get rid of.

2.0.0 (2015-12-21)

  • Backwards Incompatible Change: Fix behavior of browserid_login and browserid_logout helpers to properly use a blank next value by default. This fixes a bug where projects usings the helpers would not use the Verify.success_url/Logout.redirect_url properties on the login/logout views.

    This may break custom JavaScript that relies on the data-next value on login and logout links generated by these helpers. Affected JavaScript should instead check the response returned when making login and logout requests to find the URL to redirect users to.

1.0.2 (2015-12-03)

  • Test against the release version of Django 1.9.
  • Fix Django 1.10 deprecation warnings.

1.0.1 (2015-11-02)

  • Add preliminary support for Django 1.9 and Python 3.5.
  • Distribute as a universal wheel.

1.0.0 (2015-04-30)

  • Drop support for Django 1.4 to 1.6 and add 1.8 support. We now support Django 1.7 and 1.8 across Python 2.7, 3.2, 3.3, and 3.4.
  • Removed fancy_tag dependency.

0.11.1 (2015-01-27)

  • Fix circular import bug with jingo that was blocking people from upgrading who were using jingo.

0.11 (2014-09-25)

  • Add support for local assertion verification instead of relying on the remote verification service if PyBrowserID is installed.
  • Add an auto-login backend to support offline local development when the Persona service isn’t available.
  • Run automated tests for Django 1.7.
  • Use the stateless Persona API, removing the need to work around issues involving Persona attempting to auto-login or auto-logout users.
  • Add support for setting an on_ready handler to be executed when the Persona API is ready to fetch assertions.
  • Fix broken Django admin integration.
  • Fix some issues around CSRF tokens used during the login process.
  • Improve logging when using the default verify view so that it doesn’t look like an error.
  • Various documentation updates.

0.10.1 (2014-05-02)

  • Add browserid_info helper back in. The previous method of fetching the Persona popup customization via AJAX caused browsers to trigger popup warnings when users attempted to log in, so we switched back to the old method of adding the info tag to pages.

0.10 (2014-04-15)

  • Massive documentation update, including upgrade instructions for older versions.
  • Support and test on Python 3.2 and 3.3, and Django 1.6!
  • Disable automatic login and logout coming from Persona. This also fixes logins being triggered in all open tabs on your site.
  • Replace in-page form for trigger logins with AJAX calls. Removes need for {% browserid_info %} template tag.
  • Drop six from requirements.
  • Replace SITE_URL setting with BROWSERID_AUDIENCES and make it optional when DEBUG is True.
  • Add support for logging-in to the admin interface with Persona.
  • Remove need to set custom context processor.
  • Replace verify function with the Verifier classes like RemoteVerifier.
  • And more!

0.9 (2013-08-25)

  • Add BROWSERID_VERIFY_CLASS to make it easier to customize the verification view.
  • Add hook to authentication backend for validating the user’s email.
  • Ensure backend attribute exists on user objects authenticated by django-browserid.
  • Prevent installation of the library as an unpackaged egg.
  • Add incomplete Python 3 support.
  • Fix an issue where users who logged in without Persona were being submitted to navigator.id.watch anyway.
  • Add CSS to make the login/logout buttons prettier.
  • Support for SITE_URL being an iterable.
  • Add support for lazily-evaluated BROWSERID_REQUEST_ARGS.
  • Add a small JavaScript API available on pages that include browserid.js.
  • Support running tests via python setup.py test.
  • Fix an infinite loop where logging in with a valid Persona account while BROWSERID_CREATE_USER is true would cause an infinite redirection.

0.8 (2013-03-05)

  • #97: Add BrowserIDException that is raised by verify when there are issues connecting to the remote verification service. Update the Verify view to handle these errors.
  • #125: Prevent the Verify view from running reverse on user input and add check to not redirect to URLs with a different host.
  • Remove ability to set a custom name for the Verify redirect parameter: it’s just next.
  • Replace browserid_button with browserid_login and browserid_logout, and make browserid_info a function.
  • #109: Fix issue with unicode strings in the extra_params kwarg for verify.
  • #110: Fix bug where kwargs to authenticate get passed as extra_params to verify. Instead, you can pass any extra parameters in browserid_extra. But please don’t, it’s undocumented for a reason. <3
  • #105: General documentation fixes, add more debug logging for common issues. Add BROWSERID_DISABLE_SANITY_CHECKS setting and remove the need to set SITE_URL in development.
  • Add form_extras parameter to browserid_button.
  • #101, #102: Update the default JavaScript to pass the current user’s email address into navigator.id.watch to avoid unnecessary auto-login attempts.
  • Add template functions/tags to use for embedding login/logout buttons instead of using your own custom HTML.
  • Add a url kwarg to verify that lets you specify a custom verification service to use.
  • Add documentation for setting up the library for development.
  • #103: BrowserIDForm now fails validation if the assertion given is non-ASCII.
  • Fix an error in the sample urlconf in the documentation.
  • #98: Fix a bug where login or logout buttons might not be detected by the default JavaScript correctly if <a> element contained extra HTML.
  • Add pass_mock kwarg to mock_browserid, which adds a new argument to the front of the decorated method that is filled with the Mock object used in place of _verify_http_request.
  • Any extra kwargs to BrowserIDBackend.authenticate are passed in the verify request as POST arguments (this will soon be removed, don’t rely on it).

0.7.1 (2012-11-08)

  • Add support for a working logout button. Switching to the Observer API in 0.7 made the issue that we weren’t calling navigator.id.logout more pronounced, so it makes sense to make a small new release to make it easier to add a logout button.

0.7 (2012-11-07)

  • Actually start updating the Changelog again.
  • Remove deprecated functions django_browserid.auth.get_audience and django_browserid.auth.BrowserIDBackend.verify, as well as support for DOMAIN and PROTOCOL settings.
  • Add small fix for infinite login loops.
  • Add automated testing for Django 1.3.4, 1.4.2, and 1.5a1.
  • Switch to using format for all string formatting (breaks Python 2.5 compatibility).
  • Add support for Django 1.5 Custom User Models.
  • Fix request timeouts so that they work properly.
  • Add ability to customize BrowserID login popup via arguments to navigator.id.request.
  • Update JavaScript to use the new Observer API.
  • Change browserid.org urls to login.persona.org.