Re: [Probably BUG] set_password and check_password accept values other than string as parameters

2020-03-15 Thread Dawid Czeluśniak
Adam, One question I have is - did you experience any real world issue with this? Personally I didn't, but I can imagine scenarios where this *could* be an issue for other programmers. Suppose you want to create a password hash from another SHA256 hash, but you're only a human

Re: [Feature Request] Having an middleware to be able to force authentication on views by default

2020-03-15 Thread Mehmet Ince
Hi Adam, Thanks for your comments. I was thinking of implementing this as a separate middleware but, as you said, AuthenticationMiddleware is a much better place to do it. I have already started implementing this in AuthenticationMiddleware. I would like to send a PR if it’s okay with everyone? I’

Re: [Probably BUG] set_password and check_password accept values other than string as parameters

2020-03-15 Thread Adam Johnson
Dawid, thank you for checking these other implementations. I agree it's somewhat surprising and clearly something the developers of the other password libraries decided to guard against. One question I have is - did you experience any real world issue with this? Reading back over the thread, you h

Re: [Feature Request] Having an middleware to be able to force authentication on views by default

2020-03-15 Thread Adam Johnson
Hi Mehmet, I like your move to fail-closed here. I've certainly seen missing auth decorators as a recurring issue in my career, and I do think as an OWASP top ten we should try to tackle it better in the framework. Your implementation is very few lines of code. It could be made more robust, using th