New in PyLucid v1.5.0

The main goals of this release: With v1.5.0 every PyLucid user can change this password without a password email reset. Even normal, non-stuff users.

There is a new menu point:

  • PyLucid Admin Menu / tools / user profile

This "user profile" page display a few information (Maybe we add more in the future). There are two links:

  1. JavaScript enhanced password change
  2. Normal password set view from django.

The second one is only as fallback, because then you send your password in plaintext (without https)!
The first one builds the salted hashed direclty in the browser!

backward incompatible

We change the slat length from 5 to 12 characters. So if you don't use SQLite you need a database schema migration, so that the field UserProfile.sha_login_salt changes the max length.

migrate database changes

1
2
# Do south migrations
/var/www/YourSite$ ./manage.py migrate

In the output you must see theses lines:

1
2
3
4
5
...
Running migrations for pylucid:
 - Migrating forwards to 0004_salt_length.
 > pylucid:0004_salt_length
...

install plugin view

You must also reinstall the PyLucid plugins, to activate the new user profile admin view. Just click on:

  • PyLucid Admin Menu / PyLucid / install plugins

diff link

Compare v1.4.3...v1.5.0 diff. (Note: v1.4.4 was not really a release!)