Re: [Django] #33758: make_random_password does not comply with AUTH_PASSWORD_VALIDATORS

2022-06-02 Thread Django 
#33758: make_random_password does not comply with AUTH_PASSWORD_VALIDATORS
-+-
 Reporter:  Javier Torres|Owner:  Sosshi
 Type:   |   Status:  closed
  Cleanup/optimization   |
Component:  contrib.auth |  Version:  4.0
 Severity:  Normal   |   Resolution:  wontfix
 Keywords:   | Triage Stage:
 |  Unreviewed
Has patch:  0|  Needs documentation:  0
  Needs tests:  0|  Patch needs improvement:  0
Easy pickings:  0|UI/UX:  0
-+-

Comment (by Carlton Gibson):

 Ah, thanks Mariusz.

-- 
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/0107018123e48102-b01eeede-170e-42a2-95f6-88de7933a5d7-00%40eu-central-1.amazonses.com.

Re: [Django] #33758: make_random_password does not comply with AUTH_PASSWORD_VALIDATORS (was: Deprecate make_random_password() method.)

2022-06-02 Thread Django 
#33758: make_random_password does not comply with AUTH_PASSWORD_VALIDATORS
-+-
 Reporter:  Javier Torres|Owner:  Sosshi
 Type:   |   Status:  closed
  Cleanup/optimization   |
Component:  contrib.auth |  Version:  4.0
 Severity:  Normal   |   Resolution:  wontfix
 Keywords:   | Triage Stage:
 |  Unreviewed
Has patch:  0|  Needs documentation:  0
  Needs tests:  0|  Patch needs improvement:  0
Easy pickings:  0|UI/UX:  0
-+-
Changes (by Mariusz Felisiak):

 * status:  new => closed
 * resolution:   => wontfix
 * stage:  Accepted => Unreviewed


Comment:

 Carlton, I added a separate ticket for deprecation, see #33764.

-- 
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/0107018123e26c95-3cbbe5c7-d9ab-46c1-a087-e08de3a02e18-00%40eu-central-1.amazonses.com.

Re: [Django] #33758: make_random_password does not comply with AUTH_PASSWORD_VALIDATORS

2022-06-02 Thread Django 
#33758: make_random_password does not comply with AUTH_PASSWORD_VALIDATORS
-+-
 Reporter:  Javier Torres|Owner:  Sosshi
 Type:   |   Status:  closed
  Cleanup/optimization   |
Component:  contrib.auth |  Version:  4.0
 Severity:  Normal   |   Resolution:  wontfix
 Keywords:   | Triage Stage:
 |  Unreviewed
Has patch:  0|  Needs documentation:  0
  Needs tests:  0|  Patch needs improvement:  0
Easy pickings:  0|UI/UX:  0
-+-
Changes (by David Wobrock):

 * type:  Uncategorized => Cleanup/optimization
 * component:  Uncategorized => contrib.auth


Comment:

 Oopsie

-- 
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/0107018123ac4829-ade42547-e787-464e-9497-06e5c288e455-00%40eu-central-1.amazonses.com.

Re: [Django] #33758: make_random_password does not comply with AUTH_PASSWORD_VALIDATORS

2022-06-02 Thread Django 
#33758: make_random_password does not comply with AUTH_PASSWORD_VALIDATORS
---+--
 Reporter:  Javier Torres  |Owner:  Sosshi
 Type:  Uncategorized  |   Status:  closed
Component:  Uncategorized  |  Version:  4.0
 Severity:  Normal |   Resolution:  wontfix
 Keywords: | Triage Stage:  Unreviewed
Has patch:  0  |  Needs documentation:  0
  Needs tests:  0  |  Patch needs improvement:  0
Easy pickings:  0  |UI/UX:  0
---+--
Changes (by David Wobrock):

 * type:  Cleanup/optimization => Uncategorized
 * component:  contrib.auth => Uncategorized


Comment:

 One could imagine use cases for this function. For example a website that
 automatically creates accounts and sends out the plain passwords (through
 email, or something more secure) for a first log in - but then forces
 password change on first use.

 But I agree with Carlton (and Russell) that Django shouldn't "encourage"
 this, since the implementation then requires some special attention.
 +1 for deprecating this function

-- 
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/0107018123abaa94-d597ce1c-aa4a-4dc0-b72f-efd46ef4febc-00%40eu-central-1.amazonses.com.

Re: [Django] #33758: make_random_password does not comply with AUTH_PASSWORD_VALIDATORS

2022-06-02 Thread Django 
#33758: make_random_password does not comply with AUTH_PASSWORD_VALIDATORS
-+-
 Reporter:  Javier Torres|Owner:  Sosshi
 Type:   |   Status:  closed
  Cleanup/optimization   |
Component:  contrib.auth |  Version:  4.0
 Severity:  Normal   |   Resolution:  wontfix
 Keywords:   | Triage Stage:
 |  Unreviewed
Has patch:  0|  Needs documentation:  0
  Needs tests:  0|  Patch needs improvement:  0
Easy pickings:  0|UI/UX:  0
-+-
Changes (by Mariusz Felisiak):

 * status:  assigned => closed
 * resolution:   => wontfix
 * component:  Uncategorized => contrib.auth
 * type:  Uncategorized => Cleanup/optimization


Comment:

 > I think we should probably deprecate and remove this method, rather than
 try and make it more complex 樂

 Totally agreed, it's unused since
 fcd837cd0f9b2c706bc49af509628778d442bb3f. See #33764.

-- 
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/0107018123aa0a91-4348e3e8-6461-4e0c-88f9-5b423a90c14f-00%40eu-central-1.amazonses.com.

Re: [Django] #33758: make_random_password does not comply with AUTH_PASSWORD_VALIDATORS

2022-06-02 Thread Django 
#33758: make_random_password does not comply with AUTH_PASSWORD_VALIDATORS
---+--
 Reporter:  Javier Torres  |Owner:  Sosshi
 Type:  Uncategorized  |   Status:  assigned
Component:  Uncategorized  |  Version:  4.0
 Severity:  Normal |   Resolution:
 Keywords: | Triage Stage:  Unreviewed
Has patch:  0  |  Needs documentation:  0
  Needs tests:  0  |  Patch needs improvement:  0
Easy pickings:  0  |UI/UX:  0
---+--

Comment (by Carlton Gibson):

 Hi. Erm... I'm not sure what to say here.

 > The usage of ... is limited ...

 Yes, it is. `make_random_password()` is essentially not used as tall in
 the Django codebase.

 An 11 year old comment from Russell says why:

 > The only reason I can think of to generate a random password would be to
 send it in cleartext. To which, the answer is a definitive No. Not ever.

 https://code.djangoproject.com/ticket/15639#comment:2

 I think we should probably deprecate and remove this method, rather than
 try and make it more complex 樂

-- 
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/01070181233456fc-fd79c9bc-29c3-4a44-a44f-15bfa1adb885-00%40eu-central-1.amazonses.com.

Re: [Django] #33758: make_random_password does not comply with AUTH_PASSWORD_VALIDATORS

2022-06-01 Thread Django 
#33758: make_random_password does not comply with AUTH_PASSWORD_VALIDATORS
---+--
 Reporter:  Javier Torres  |Owner:  Sosshi
 Type:  Uncategorized  |   Status:  assigned
Component:  Uncategorized  |  Version:  4.0
 Severity:  Normal |   Resolution:
 Keywords: | Triage Stage:  Unreviewed
Has patch:  0  |  Needs documentation:  0
  Needs tests:  0  |  Patch needs improvement:  0
Easy pickings:  0  |UI/UX:  0
---+--
Changes (by Sosshi):

 * owner:  nobody => Sosshi
 * status:  new => assigned


-- 
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/010701812155985f-55a1a6b3-639d-47a0-8025-f000a95e394b-00%40eu-central-1.amazonses.com.

[Django] #33758: make_random_password does not comply with AUTH_PASSWORD_VALIDATORS

2022-06-01 Thread Django 
#33758: make_random_password does not comply with AUTH_PASSWORD_VALIDATORS
-+
   Reporter:  Jacatove   |  Owner:  nobody
   Type:  Uncategorized  | Status:  new
  Component:  Uncategorized  |Version:  4.0
   Severity:  Normal |   Keywords:
   Triage Stage:  Unreviewed |  Has patch:  0
Needs documentation:  0  |Needs tests:  0
Patch needs improvement:  0  |  Easy pickings:  0
  UI/UX:  0  |
-+
 The usage of
 {{{
 User.objects.make_random_password()
 }}}
 is limited since the generated passwords are not valid because they were
 created without meeting the validators criteria.

-- 
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/010701811fb6f651-5dee78c0-130e-407d-9cf8-7f5539e466c2-00%40eu-central-1.amazonses.com.