Fixes#389
Remove monkey-patching from the application loader phase
and use the Django authentication stack for lockout signals.
Utilize custom AUTHENTICATION_BACKENDS and MIDDLEWARE with signals
with backwards compatible implementation of features.
Update documentation, configuration and migration instructions
to match the new configuration and improve the code commentation.
Signed-off-by: Aleksi Häkli <aleksi.hakli@iki.fi>
The test did not work correctly because the admin login view
does not accept JSON input, but instead produces an error on JSON POST.
It appeared to be functional and working because the
monkey-patched decorator returned a HTTP 403 when a user was accessing the view.
This did not actually result from a failed login,
but from a premature view permission checking that was not sane.
The HTTP 403 was produced by the login function decorator
before the user was ever accessing or using the actual view.
After modifying the view checking logic to run on a login attempt
instead of before attempt (ie when accessing the view)
the admin view error that resulted from missing form POST data
was discovered and since no easy fix was available without
writing a custom view the broken test case was removed altogether.
The correct fix for supporting JSON payloads and mimetypes
can be implemented by writing a login view that supports
JSON login via eg HTTP AJAX POST and produces the same errors.
Signed-off-by: Aleksi Häkli <aleksi.hakli@iki.fi>
- Use manage.py for running tests instead of a custom script
- Drop support for Python 3.5 for Django master for tox and Travis
- Run branch coverage tests in addition to line coverage
Signed-off-by: Aleksi Häkli <aleksi.hakli@iki.fi>
Changing username or password will generate a convoluted patch
if they are on multiple different lines if they are not grouped
Signed-off-by: Aleksi Häkli <aleksi.hakli@iki.fi>
Revert some of the PR changes to tests to make sure that all of the
old format function invocations work with the old and new tests.
Implement small enchancements to documentation and credentials resolving
for usability and flexibility with custom authentication backends.
Update documentation to indicate that backwards compatibility
is supported as well as the new format credentials invocations.
Signed-off-by: Aleksi Häkli <aleksi.hakli@iki.fi>
