django-sqrl-2/CHANGELOG

138 lines
4.4 KiB
Plaintext

Sat, 14 Sep 2019 07:33:09 -0500
Keaton <kii-chan@tutanota.com>
Remove obsolete "qrl" schema, enforce SSL connections
- As suspected, "qrl" URLs were a remnant of early versions of the protocol.
Removed that functionality.
- In its place, `sqrl_url` now spits out `None` if the connection is not SSL.
The default templates have been updated to display a message urging the user
to not log in until they have secured their connection, as well as remove the
QR code.
- Made the JS polling async, because Firefox was scolding me.
--------------------
Sat, 14 Sep 2019 06:03:32 -0500
Keaton <kii-chan@tutanota.com>
Remove old RST's, update README
--------------------
Sat, 14 Sep 2019 04:51:42 -0500
Keaton <kii-chan@tutanota.com>
Add `static` reference to Template section
--------------------
Sat, 14 Sep 2019 04:38:14 -0500
Keaton <kii-chan@tutanota.com>
Fix templating errors, js errors
- Javascript `urlparams` didn't handle being null
- Templates needed updating/cleaning
- Moved SQRL dropin CSS to its own file
- New example picture to show off changes to CSS/templates
--------------------
Sat, 14 Sep 2019 03:13:30 -0500
Keaton <kii-chan@tutanota.com>
Add `manage.py` for `tests`
--------------------
Sat, 14 Sep 2019 02:38:56 -0500
Keaton <kii-chan@tutanota.com>
Remove ed25519, add pynacl, documentation updates and preparation for PyPI
- Fixed typos in readme, fixed formatting to be a little nicer.
- Converted `tests` "app". Run tests as follows:
python3 tests/manage.py test
- `python-ed25519` lists on its GitHub page that it is depreciated, and that
`pynacl` is the recommended alternative. As such, I've converted all calls
to the ed25519 library into pynacl calls. All the tests pass, so we *should*
be good...
- Sidenote, I should really get in the habit of making sure tests pass before
committing...
- Started adding files needed by PyPI. Honestly I'm not sure that everything
is 100% necessary, but I'm not really concerning myself with it for this
commit. I just want to push the
--------------------
Wed, 04 Sep 2019 21:08:57 -0500
Keaton <kii-chan@tutanota.com>
Misc updates
- Fleshed out the readme
- Changed variable name to be more sensical
- Altered how `next` redirection works so it's a little more robust
--------------------
Mon, 02 Sep 2019 09:42:24 -0500
Keaton <kii-chan@tutanota.com>
Fixing functionality
A bare-bones test server was set up and account creation and authentication was
achieved through SQRL. Old documentation needs to be updated, and new
documentation needs to be written (mostly for using the drop-in login).
At this point, the SQRL authentication protocol for Django is functional!
Further work needs to be done to test drop-in support for already-running sites.
If possible, that would be the ideal end goal; making it as easy as possible to
propagate SQRL through the internet.
--------------------
Mon, 02 Sep 2019 04:56:45 -0500
Keaton <kii-chan@tutanota.com>
Completing functional conversions
Not much is verified to work yet. All tests pass, however functionality
is not guaranteed. This update is being pushed to the dev git in order
for an easier setup of a test server with SSL.
Things changed: No idea, just squashed bugs that were causing tests to
fail.
Future development note: The original package supports insecure "qrl://"
schema, and as far as I can tell, that's not supported. I will probably
post on the SQRL forums about it, and remove the functionality completely
if the consensus is that it is not legitimate.
--------------------
Mon, 02 Sep 2019 02:03:23 -0500
Keaton <kii-chan@tutanota.com>
Still building initial conversions
Everything is still completely untested. These conversions were done a few weeks
ago, so my memory on any design changes is a little rusty. Aside from what's
listed below, all changes are just compatibility fixes.
- Removed references to six since we're dropping Python 2 support
- Removed references to QR code urls since those will be browser generated
- Added template for creating a drop-in SQRL login element
- Also changed some variable names to be less confusing
- Changed login pages to use drop-in element
--------------------
Wed, 14 Aug 2019 12:14:52 -0500
Keaton <kii-chan@tutanota.com>
fix typo
--------------------
Wed, 14 Aug 2019 11:52:59 -0500
Keaton <kii-chan@tutanota.com>
Initial commit
Project is still completely unworkable and unfinished, just starting to initialize things.
--------------------