django-magiclink
django-magiclink copied to clipboard
pyepye
Passwordless authentication for Django with magic links.
Security
Please, check django.contrib.auth views and decorators. IMHO we should include ``` @method_decorator(sensitive_post_parameters()) @method_decorator(csrf_protect) @method_decorator(never_cache) ``` decorators and do some additional checks for `next` url using `url_has_allowed_host_and_scheme`.
fixed https://github.com/pyepye/django-magiclink/issues/27 instead of https://github.com/pyepye/django-magiclink/pull/28
@pyepye thanks for providing this wonderful library really great work. I just found a missing migration and provide it via PR. Feel free to take a look and merge it...
https://github.com/pyepye/django-magiclink/blob/70a3ea9e2c493e036042ab16ca85d841a14384ad/pyproject.toml#L18 https://pypi.org/project/packaging/
Bumps [django](https://github.com/django/django) from 3.2.20 to 3.2.23. Commits 60e648a [3.2.x] Bumped version for 3.2.23 release. f9a7fb8 [3.2.x] Fixed CVE-2023-46695 -- Fixed potential DoS in UsernameField on Windows. e6d2591 [3.2.x] Added stub...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
It would be very useful if there was a setting such that the email value is hashed instead of plaintext wherever it is used. This would alleviate having to deal...
Bumps [pytest](https://github.com/pytest-dev/pytest) from 5.4.3 to 7.0.1. Release notes Sourced from pytest's releases. 7.0.1 pytest 7.0.1 (2022-02-11) Bug Fixes #9608: Fix invalid importing of importlib.readers in Python 3.9. #9610: Restore [UnitTestFunction.obj]{.title-ref}...
I've noticed, while building an app using django-magiclink, that the behavior of the `Login` view differs between a valid and invalid email addresses. Depending on the context of the application...
