Get inside your stronghold and make all your Django views default login_required


Build Status


Get inside your stronghold and make all your Django views default login_required

Stronghold is a very small and easy to use django app that makes all your Django project default to require login for all of your views.

WARNING: still in development, so some of the DEFAULTS and such will be changing without notice.


Install via pip.

pip install django-stronghold

Add stronghold to your INSTALLED_APPS in your Django settings file


Then add the stronghold middleware to your MIDDLEWARE_CLASSES in your Django settings file



If you followed the installation instructions now all your views are defaulting to require a login. To make a view public again you can use the public decorator provided in stronghold.decorators like so:

For function based views

from stronghold.decorators import public

def someview(request):
	# do some work

For class based views (decorator)

from django.utils.decorators import method_decorator
from stronghold.decorators import public

class SomeView(View):
	def get(self, request, *args, **kwargs):
		# some view logic

	def dispatch(self, *args, **kwargs):
    	        return super(SomeView, self).dispatch(*args, **kwargs)

For class based views (mixin)

from stronghold.views import StrongholdPublicMixin

class SomeView(StrongholdPublicMixin, View):

Configuration (optional)


Use Strongholds defaults in addition to your own settings.



You can add a tuple of url regexes in your settings file with the STRONGHOLD_PUBLIC_URLS setting. Any url that matches against these patterns will be made public without using the @public decorator.





    r'^%s.+$' % settings.STATIC_URL,
    r'^%s.+$' % settings.MEDIA_URL,

When settings.DEBUG = True. This is additive to your settings to support serving Static files and media files from the development server. It does not replace any settings you may have in STRONGHOLD_PUBLIC_URLS.

Note: Public URL regexes are matched against HttpRequest.path_info.


You can add a tuple of url names in your settings file with the STRONGHOLD_PUBLIC_NAMED_URLS setting. Names in this setting will be reversed using django.core.urlresolvers.reverse and any url matching the output of the reverse call will be made public without using the @public decorator:



If STRONGHOLD_DEFAULTS is True additionally we search for django.contrib.auth if it exists, we add the login and logout view names to STRONGHOLD_PUBLIC_NAMED_URLS


Optionally, set STRONGHOLD_USER_TEST_FUNC to a callable to limit access to users that pass a custom test. The callback receives a User object and should return True if the user is authorized. This is equivalent to decorating a view with user_passes_test.


STRONGHOLD_USER_TEST_FUNC = lambda user: user.is_staff


STRONGHOLD_USER_TEST_FUNC = lambda user: user.is_authenticated


Tested with:

  • Django 1.8.x
  • Django 1.9.x
  • Django 1.10.x
  • Django 1.11.x
  • Django 2.0.x
  • Django 2.1.x
  • Django 2.2.x



  • Add Django 2.1 compatibility

    Add Django 2.1 compatibility

    The test suite is failing with Django 2.1, as it seems that set_view_func_public may now receive the dispatch method itself in parameter. I tracked this issue to this Django commit:

    opened by claudep 12
  • Support Django 1.7 and Python 3

    Support Django 1.7 and Python 3

    • Add python3 testing to makefile.
    • Advertise python 3 and 3.4 in classifiers.
    • Advertise Django 1.7 support in README.
    • Rename test modules to start with 'test' for better consistency with unittest module and new Django test runner.
    • Explictly set TEST_RUNNER in test_project settings to avoid Django from throwing a warning.
    • Fix test_project/ to work with absense of relative imports in python3.
    opened by SunilMohanAdapa 9
  • Support using Django 1.10 new style middleware

    Support using Django 1.10 new style middleware

    Add support for new style middleware introduced in Django 1.10. Support for old style middleware will be dropped from Django in the future. Any application using stronghold can't move using new style middleware until strong supports new style middleware.

    Altering existing code to support new style and old style middleware is quite simple as adding a mixin to the existing middleware class.

    opened by SunilMohanAdapa 8
  • Fix for Django 2.1 decorators

    Fix for Django 2.1 decorators

    This is a semi-hacky way to make django-stronghold work on Django 2.1

    Additionally, added a couple views to the test project to make it easier to test the different methods of declaring a public view.

    opened by cw0102 5
  • Python3 tag on PyPi

    Python3 tag on PyPi

    Would it be possible to add to PyPi entry that django-stronghold is Python 3 compatible? I am getting a false negative when I use the caniusepython3 ( program.


    opened by aklaver 5
  • Please make a release with Django 2.0 support

    Please make a release with Django 2.0 support

    Although Django 2.0 support has been added, there is not release yet with this support. We wish to make a Debian package with Django 2.0 support as Django 2.0 is about to released soon into Debian. FreedomBox project especially needs this in time.

    Please consider making a new release of stronghold as soon as you can.

    opened by SunilMohanAdapa 4
  • 'LoginRequiredMiddleware' object is not callable

    'LoginRequiredMiddleware' object is not callable

    I keep getting error TypeError: 'LoginRequiredMiddleware' object is not callable. I'm using django 1.10 and using master branch.

    any reason why this is happening? thanks

    opened by whaleforever 4
  • ImproperlyConfigured: The included urlconf <app>.urls doesn't have any patterns in it

    ImproperlyConfigured: The included urlconf .urls doesn't have any patterns in it

    Hola, I'm getting the above as an error. I've fleshed out the relative conf and py files on SO:

    From the Apache2 error log, it looks like it's got something to do with Stronghold?

    I tried deleting /.virtualenvs/erp-dev/lib/python2.7/site-packages/stronghold/conf.pyc and then replaced reverse with reverse_lazy in but that didn't work.

    Any idea what might be going wrong?

     mod_wsgi (pid=25007): Exception occurred processing WSGI script '/home/erp/www/dev/erp/erp/erp/'.
     Traceback (most recent call last):
      File "/home/erp/.virtualenvs/erp-dev/lib/python2.7/site-packages/django/core/handlers/", line 187, in __call__
       File "/home/erp/.virtualenvs/erp-dev/lib/python2.7/site-packages/django/core/handlers/", line 47, in load_middleware
         mw_class = import_by_path(middleware_path)
       File "/home/erp/.virtualenvs/erp-dev/lib/python2.7/site-packages/django/utils/", line 21, in import_by_path
         module = import_module(module_path)
       File "/home/erp/.virtualenvs/erp-dev/lib/python2.7/site-packages/django/utils/", line 40, in import_module
       File "/home/erp/.virtualenvs/erp-dev/lib/python2.7/site-packages/stronghold/", line 2, in <module>
         from stronghold import conf, utils
       File "/home/erp/.virtualenvs/erp-dev/lib/python2.7/site-packages/stronghold/", line 33, in <module>
         url = reverse(named_url)
       File "/home/erp/.virtualenvs/erp-dev/lib/python2.7/site-packages/django/core/", line 509, in reverse
         return iri_to_uri(resolver._reverse_with_prefix(view, prefix, *args, **kwargs))
       File "/home/erp/.virtualenvs/erp-dev/lib/python2.7/site-packages/django/core/", line 387, in _reverse_with_prefix
         possibilities = self.reverse_dict.getlist(lookup_view)
       File "/home/erp/.virtualenvs/erp-dev/lib/python2.7/site-packages/django/core/", line 296, in reverse_dict
       File "/home/erp/.virtualenvs/erp-dev/lib/python2.7/site-packages/django/core/", line 262, in _populate
         for pattern in reversed(self.url_patterns):
       File "/home/erp/.virtualenvs/erp-dev/lib/python2.7/site-packages/django/core/", line 350, in url_patterns
         raise ImproperlyConfigured("The included urlconf %s doesn't have any patterns in it" % self.urlconf_name)
    ImproperlyConfigured: The included urlconf erp.urls doesn't have any patterns in it
    opened by datakid 4
  • Default install results in redirect loop on all pages

    Default install results in redirect loop on all pages

    I am using Django 1.7, and the latest stable install of django-blog-zinnia. Once I installed django-stronghold to its default settings via instructions on your readme, I get a redirect loop on all pages and it looks something like this:

    'hxxp:// '

    I am honestly not sure if this is something to do with stronghold but I would really like to be able to use this middleware either way!

    EDIT: Oh my god. I am sorry for even posting this but I think it's because I have my own custom login urls, so stronghold treats it like any other url on my site and hence the loop!

    opened by butstevetho 3
  • Can't make admin public in Django 1.7

    Can't make admin public in Django 1.7

    I have a Django 1.7 project where I want to use django admin as usual with it's authentication and the rest of the site with my login. No matter what I configure in my settings, "/admin" still redirects to "/accounts/login", and would like it to redirect to django's admin login.

    opened by alexarsh 3
  • Recursive login feedback

    Recursive login feedback

    When I enable Stronghold and then visit a page, I get what look like unescaped, recursive errors:

    20/Nov/2013 13:58:32] "GET /inventory/ HTTP/1.1" 302 0
    [20/Nov/2013 13:58:32] "GET /accounts/login/?next=/inventory/ HTTP/1.1" 302 0
    [20/Nov/2013 13:58:32] "GET /accounts/login/?next=/accounts/login/%3Fnext%3D/inventory/ HTTP/1.1" 302 0
    [20/Nov/2013 13:58:32] "GET /accounts/login/?next=/accounts/login/%3Fnext%3D/accounts/login/%253Fnext%253D/inventory/ HTTP/1.1" 302 0
    [20/Nov/2013 13:58:32] "GET /accounts/login/?next=/accounts/login/%3Fnext%3D/accounts/login/%253Fnext%253D/accounts/login/%25253Fnext%25253D/inventory/ HTTP/1.1" 302 0
    [20/Nov/2013 13:58:32] "GET /accounts/login/?next=/accounts/login/%3Fnext%3D/accounts/login/%253Fnext%253D/accounts/login/%25253Fnext%25253D/accounts/login/%2525253Fnext%2525253D/inventory/ HTTP/1.1" 302 0
    [20/Nov/2013 13:58:32] "GET /accounts/login/?next=/accounts/login/%3Fnext%3D/accounts/login/%253Fnext%253D/accounts/login/%25253Fnext%25253D/accounts/login/%2525253Fnext%2525253D/accounts/login/%252525253Fnext%252525253D/inventory/ HTTP/1.1" 302 0
    [20/Nov/2013 13:58:32] "GET /accounts/login/?next=/accounts/login/%3Fnext%3D/accounts/login/%253Fnext%253D/accounts/login/%25253Fnext%25253D/accounts/login/%2525253Fnext%2525253D/accounts/login/%252525253Fnext%252525253D/accounts/login/%25252525253Fnext%25252525253D/inventory/ HTTP/1.1" 302 0
    [20/Nov/2013 13:58:32] "GET /accounts/login/?next=/accounts/login/%3Fnext%3D/accounts/login/%253Fnext%253D/accounts/login/%25253Fnext%25253D/accounts/login/%2525253Fnext%2525253D/accounts/login/%252525253Fnext%252525253D/accounts/login/%25252525253Fnext%25252525253D/accounts/login/%2525252525253Fnext%2525252525253D/inventory/ HTTP/1.1" 302 0
    [20/Nov/2013 13:58:32] "GET /accounts/login/?next=/accounts/login/%3Fnext%3D/accounts/login/%253Fnext%253D/accounts/login/%25253Fnext%25253D/accounts/login/%2525253Fnext%2525253D/accounts/login/%252525253Fnext%252525253D/accounts/login/%25252525253Fnext%25252525253D/accounts/login/%2525252525253Fnext%2525252525253D/accounts/login/%252525252525253Fnext%252525252525253D/inventory/ HTTP/1.1" 302 0
    [20/Nov/2013 13:58:32] "GET /accounts/login/?next=/accounts/login/%3Fnext%3D/accounts/login/%253Fnext%253D/accounts/login/%25253Fnext%25253D/accounts/login/%2525253Fnext%2525253D/accounts/login/%252525253Fnext%252525253D/accounts/login/%25252525253Fnext%25252525253D/accounts/login/%2525252525253Fnext%2525252525253D/accounts/login/%252525252525253Fnext%252525252525253D/accounts/login/%25252525252525253Fnext%25252525252525253D/inventory/ HTTP/1.1" 302 0
    [20/Nov/2013 13:58:32] "GET /accounts/login/?next=/accounts/login/%3Fnext%3D/accounts/login/%253Fnext%253D/accounts/login/%25253Fnext%25253D/accounts/login/%2525253Fnext%2525253D/accounts/login/%252525253Fnext%252525253D/accounts/login/%25252525253Fnext%25252525253D/accounts/login/%2525252525253Fnext%2525252525253D/accounts/login/%252525252525253Fnext%252525252525253D/accounts/login/%25252525252525253Fnext%25252525252525253D/accounts/login/%2525252525252525253Fnext%2525252525252525253D/inventory/ HTTP/1.1" 302 0
    [20/Nov/2013 13:58:32] "GET /accounts/login/?next=/accounts/login/%3Fnext%3D/accounts/login/%253Fnext%253D/accounts/login/%25253Fnext%25253D/accounts/login/%2525253Fnext%2525253D/accounts/login/%252525253Fnext%252525253D/accounts/login/%25252525253Fnext%25252525253D/accounts/login/%2525252525253Fnext%2525252525253D/accounts/login/%252525252525253Fnext%252525252525253D/accounts/login/%25252525252525253Fnext%25252525252525253D/accounts/login/%2525252525252525253Fnext%2525252525252525253D/accounts/login/%252525252525252525253Fnext%252525252525252525253D/inventory/ HTTP/1.1" 302 0
    [20/Nov/2013 13:58:32] "GET /accounts/login/?next=/accounts/login/%3Fnext%3D/accounts/login/%253Fnext%253D/accounts/login/%25253Fnext%25253D/accounts/login/%2525253Fnext%2525253D/accounts/login/%252525253Fnext%252525253D/accounts/login/%25252525253Fnext%25252525253D/accounts/login/%2525252525253Fnext%2525252525253D/accounts/login/%252525252525253Fnext%252525252525253D/accounts/login/%25252525252525253Fnext%25252525252525253D/accounts/login/%2525252525252525253Fnext%2525252525252525253D/accounts/login/%252525252525252525253Fnext%252525252525252525253D/accounts/login/%25252525252525252525253Fnext%25252525252525252525253D/inventory/ HTTP/1.1" 302 0
    [20/Nov/2013 13:58:32] "GET /accounts/login/?next=/accounts/login/%3Fnext%3D/accounts/login/%253Fnext%253D/accounts/login/%25253Fnext%25253D/accounts/login/%2525253Fnext%2525253D/accounts/login/%252525253Fnext%252525253D/accounts/login/%25252525253Fnext%25252525253D/accounts/login/%2525252525253Fnext%2525252525253D/accounts/login/%252525252525253Fnext%252525252525253D/accounts/login/%25252525252525253Fnext%25252525252525253D/accounts/login/%2525252525252525253Fnext%2525252525252525253D/accounts/login/%252525252525252525253Fnext%252525252525252525253D/accounts/login/%25252525252525252525253Fnext%25252525252525252525253D/accounts/login/%2525252525252525252525253Fnext%2525252525252525252525253D/inventory/ HTTP/1.1" 302 0
    [20/Nov/2013 13:58:32] "GET /accounts/login/?next=/accounts/login/%3Fnext%3D/accounts/login/%253Fnext%253D/accounts/login/%25253Fnext%25253D/accounts/login/%2525253Fnext%2525253D/accounts/login/%252525253Fnext%252525253D/accounts/login/%25252525253Fnext%25252525253D/accounts/login/%2525252525253Fnext%2525252525253D/accounts/login/%252525252525253Fnext%252525252525253D/accounts/login/%25252525252525253Fnext%25252525252525253D/accounts/login/%2525252525252525253Fnext%2525252525252525253D/accounts/login/%252525252525252525253Fnext%252525252525252525253D/accounts/login/%25252525252525252525253Fnext%25252525252525252525253D/accounts/login/%2525252525252525252525253Fnext%2525252525252525252525253D/accounts/login/%252525252525252525252525253Fnext%252525252525252525252525253D/inventory/ HTTP/1.1" 302 0
    [20/Nov/2013 13:58:32] "GET /accounts/login/?next=/accounts/login/%3Fnext%3D/accounts/login/%253Fnext%253D/accounts/login/%25253Fnext%25253D/accounts/login/%2525253Fnext%2525253D/accounts/login/%252525253Fnext%252525253D/accounts/login/%25252525253Fnext%25252525253D/accounts/login/%2525252525253Fnext%2525252525253D/accounts/login/%252525252525253Fnext%252525252525253D/accounts/login/%25252525252525253Fnext%25252525252525253D/accounts/login/%2525252525252525253Fnext%2525252525252525253D/accounts/login/%252525252525252525253Fnext%252525252525252525253D/accounts/login/%25252525252525252525253Fnext%25252525252525252525253D/accounts/login/%2525252525252525252525253Fnext%2525252525252525252525253D/accounts/login/%252525252525252525252525253Fnext%252525252525252525252525253D/accounts/login/%25252525252525252525252525253Fnext%25252525252525252525252525253D/inventory/ HTTP/1.1" 302 0
    [20/Nov/2013 13:58:32] "GET /accounts/login/?next=/accounts/login/%3Fnext%3D/accounts/login/%253Fnext%253D/accounts/login/%25253Fnext%25253D/accounts/login/%2525253Fnext%2525253D/accounts/login/%252525253Fnext%252525253D/accounts/login/%25252525253Fnext%25252525253D/accounts/login/%2525252525253Fnext%2525252525253D/accounts/login/%252525252525253Fnext%252525252525253D/accounts/login/%25252525252525253Fnext%25252525252525253D/accounts/login/%2525252525252525253Fnext%2525252525252525253D/accounts/login/%252525252525252525253Fnext%252525252525252525253D/accounts/login/%25252525252525252525253Fnext%25252525252525252525253D/accounts/login/%2525252525252525252525253Fnext%2525252525252525252525253D/accounts/login/%252525252525252525252525253Fnext%252525252525252525252525253D/accounts/login/%25252525252525252525252525253Fnext%25252525252525252525252525253D/accounts/login/%2525252525252525252525252525253Fnext%2525252525252525252525252525253D/inventory/ HTTP/1.1" 302 0
    [20/Nov/2013 13:58:32] "GET /accounts/login/?next=/accounts/login/%3Fnext%3D/accounts/login/%253Fnext%253D/accounts/login/%25253Fnext%25253D/accounts/login/%2525253Fnext%2525253D/accounts/login/%252525253Fnext%252525253D/accounts/login/%25252525253Fnext%25252525253D/accounts/login/%2525252525253Fnext%2525252525253D/accounts/login/%252525252525253Fnext%252525252525253D/accounts/login/%25252525252525253Fnext%25252525252525253D/accounts/login/%2525252525252525253Fnext%2525252525252525253D/accounts/login/%252525252525252525253Fnext%252525252525252525253D/accounts/login/%25252525252525252525253Fnext%25252525252525252525253D/accounts/login/%2525252525252525252525253Fnext%2525252525252525252525253D/accounts/login/%252525252525252525252525253Fnext%252525252525252525252525253D/accounts/login/%25252525252525252525252525253Fnext%25252525252525252525252525253D/accounts/login/%2525252525252525252525252525253Fnext%2525252525252525252525252525253D/accounts/login/%252525252525252525252525252525253Fnext%252525252525252525252525252525253D/inventory/ HTTP/1.1" 302 0
    [20/Nov/2013 13:58:32] "GET /accounts/login/?next=/accounts/login/%3Fnext%3D/accounts/login/%253Fnext%253D/accounts/login/%25253Fnext%25253D/accounts/login/%2525253Fnext%2525253D/accounts/login/%252525253Fnext%252525253D/accounts/login/%25252525253Fnext%25252525253D/accounts/login/%2525252525253Fnext%2525252525253D/accounts/login/%252525252525253Fnext%252525252525253D/accounts/login/%25252525252525253Fnext%25252525252525253D/accounts/login/%2525252525252525253Fnext%2525252525252525253D/accounts/login/%252525252525252525253Fnext%252525252525252525253D/accounts/login/%25252525252525252525253Fnext%25252525252525252525253D/accounts/login/%2525252525252525252525253Fnext%2525252525252525252525253D/accounts/login/%252525252525252525252525253Fnext%252525252525252525252525253D/accounts/login/%25252525252525252525252525253Fnext%25252525252525252525252525253D/accounts/login/%2525252525252525252525252525253Fnext%2525252525252525252525252525253D/accounts/login/%252525252525252525252525252525253Fnext%252525252525252525252525252525253D/accounts/login/%25252525252525252525252525252525253Fnext%25252525252525252525252525252525253D/inventory/ HTTP/1.1" 302 0
    [20/Nov/2013 13:58:32] "GET /accounts/login/?next=/accounts/login/%3Fnext%3D/accounts/login/%253Fnext%253D/accounts/login/%25253Fnext%25253D/accounts/login/%2525253Fnext%2525253D/accounts/login/%252525253Fnext%252525253D/accounts/login/%25252525253Fnext%25252525253D/accounts/login/%2525252525253Fnext%2525252525253D/accounts/login/%252525252525253Fnext%252525252525253D/accounts/login/%25252525252525253Fnext%25252525252525253D/accounts/login/%2525252525252525253Fnext%2525252525252525253D/accounts/login/%252525252525252525253Fnext%252525252525252525253D/accounts/login/%25252525252525252525253Fnext%25252525252525252525253D/accounts/login/%2525252525252525252525253Fnext%2525252525252525252525253D/accounts/login/%252525252525252525252525253Fnext%252525252525252525252525253D/accounts/login/%25252525252525252525252525253Fnext%25252525252525252525252525253D/accounts/login/%2525252525252525252525252525253Fnext%2525252525252525252525252525253D/accounts/login/%252525252525252525252525252525253Fnext%252525252525252525252525252525253D/accounts/login/%25252525252525252525252525252525253Fnext%25252525252525252525252525252525253D/accounts/login/%2525252525252525252525252525252525253Fnext%2525252525252525252525252525252525253D/inventory/ HTTP/1.1" 302 0
    opened by datakid 3
  • docs: Fix a few typos

    docs: Fix a few typos

    There are small typos in:

    • docs/
    • stronghold/


    • Should read that rather than shat.
    • Should read function rather than fuction.

    Semi-automated pull request generated by

    opened by timgates42 0
  • Bump pygments from 1.6 to 2.7.4

    Bump pygments from 1.6 to 2.7.4

    Bumps pygments from 1.6 to 2.7.4.

    Release notes

    Sourced from pygments's releases.


    • Updated lexers:

      • Apache configurations: Improve handling of malformed tags (#1656)

      • CSS: Add support for variables (#1633, #1666)

      • Crystal (#1650, #1670)

      • Coq (#1648)

      • Fortran: Add missing keywords (#1635, #1665)

      • Ini (#1624)

      • JavaScript and variants (#1647 -- missing regex flags, #1651)

      • Markdown (#1623, #1617)

      • Shell

        • Lex trailing whitespace as part of the prompt (#1645)
        • Add missing in keyword (#1652)
      • SQL - Fix keywords (#1668)

      • Typescript: Fix incorrect punctuation handling (#1510, #1511)

    • Fix infinite loop in SML lexer (#1625)

    • Fix backtracking string regexes in JavaScript/TypeScript, Modula2 and many other lexers (#1637)

    • Limit recursion with nesting Ruby heredocs (#1638)

    • Fix a few inefficient regexes for guessing lexers

    • Fix the raw token lexer handling of Unicode (#1616)

    • Revert a private API change in the HTML formatter (#1655) -- please note that private APIs remain subject to change!

    • Fix several exponential/cubic-complexity regexes found by Ben Caller/Doyensec (#1675)

    • Fix incorrect MATLAB example (#1582)

    Thanks to Google's OSS-Fuzz project for finding many of these bugs.


    ... (truncated)


    Sourced from pygments's changelog.

    Version 2.7.4

    (released January 12, 2021)

    • Updated lexers:

      • Apache configurations: Improve handling of malformed tags (#1656)

      • CSS: Add support for variables (#1633, #1666)

      • Crystal (#1650, #1670)

      • Coq (#1648)

      • Fortran: Add missing keywords (#1635, #1665)

      • Ini (#1624)

      • JavaScript and variants (#1647 -- missing regex flags, #1651)

      • Markdown (#1623, #1617)

      • Shell

        • Lex trailing whitespace as part of the prompt (#1645)
        • Add missing in keyword (#1652)
      • SQL - Fix keywords (#1668)

      • Typescript: Fix incorrect punctuation handling (#1510, #1511)

    • Fix infinite loop in SML lexer (#1625)

    • Fix backtracking string regexes in JavaScript/TypeScript, Modula2 and many other lexers (#1637)

    • Limit recursion with nesting Ruby heredocs (#1638)

    • Fix a few inefficient regexes for guessing lexers

    • Fix the raw token lexer handling of Unicode (#1616)

    • Revert a private API change in the HTML formatter (#1655) -- please note that private APIs remain subject to change!

    • Fix several exponential/cubic-complexity regexes found by Ben Caller/Doyensec (#1675)

    • Fix incorrect MATLAB example (#1582)

    Thanks to Google's OSS-Fuzz project for finding many of these bugs.

    Version 2.7.3

    (released December 6, 2020)

    ... (truncated)

    • 4d555d0 Bump version to 2.7.4.
    • fc3b05d Update CHANGES.
    • ad21935 Revert "Added dracula theme style (#1636)"
    • e411506 Prepare for 2.7.4 release.
    • 275e34d doc: remove Perl 6 ref
    • 2e7e8c4 Fix several exponential/cubic complexity regexes found by Ben Caller/Doyensec
    • eb39c43 xquery: fix pop from empty stack
    • 2738778 fix coding style in test_analyzer_lexer
    • 02e0f09 Added 'ERROR STOP' to keywords. (#1665)
    • c83fe48 support added for css variables (#1633)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    opened by dependabot[bot] 0
  • Bump jinja2 from 2.10.3 to 2.11.3

    Bump jinja2 from 2.10.3 to 2.11.3

    Bumps jinja2 from 2.10.3 to 2.11.3.

    Release notes

    Sourced from jinja2's releases.


    This contains a fix for a speed issue with the urlize filter. urlize is likely to be called on untrusted user input. For certain inputs some of the regular expressions used to parse the text could take a very long time due to backtracking. As part of the fix, the email matching became slightly stricter. The various speedups apply to urlize in general, not just the specific input cases.



    This fixes an issue in async environment when indexing the result of an attribute lookup, like {{ data.items[1:] }}.


    This is the last version to support Python 2.7 and 3.5. The next version will be Jinja 3.0 and will support Python 3.6 and newer.


    Sourced from jinja2's changelog.

    Version 2.11.3

    Released 2021-01-31

    • Improve the speed of the urlize filter by reducing regex backtracking. Email matching requires a word character at the start of the domain part, and only word characters in the TLD. :pr:1343

    Version 2.11.2

    Released 2020-04-13

    • Fix a bug that caused callable objects with __getattr__, like :class:~unittest.mock.Mock to be treated as a :func:contextfunction. :issue:1145
    • Update wordcount filter to trigger :class:Undefined methods by wrapping the input in :func:soft_str. :pr:1160
    • Fix a hang when displaying tracebacks on Python 32-bit. :issue:1162
    • Showing an undefined error for an object that raises AttributeError on access doesn't cause a recursion error. :issue:1177
    • Revert changes to :class:~loaders.PackageLoader from 2.10 which removed the dependency on setuptools and pkg_resources, and added limited support for namespace packages. The changes caused issues when using Pytest. Due to the difficulty in supporting Python 2 and :pep:451 simultaneously, the changes are reverted until 3.0. :pr:1182
    • Fix line numbers in error messages when newlines are stripped. :pr:1178
    • The special namespace() assignment object in templates works in async environments. :issue:1180
    • Fix whitespace being removed before tags in the middle of lines when lstrip_blocks is enabled. :issue:1138
    • :class:~nativetypes.NativeEnvironment doesn't evaluate intermediate strings during rendering. This prevents early evaluation which could change the value of an expression. :issue:1186

    Version 2.11.1

    Released 2020-01-30

    • Fix a bug that prevented looking up a key after an attribute ({{ data.items[1:] }}) in an async template. :issue:1141

    ... (truncated)


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    opened by dependabot[bot] 0
  • Password reset not public by default

    Password reset not public by default

    Urls for login and logout are public if django.contrib.auth is installed but not password_reset, password_reset_done, password_reset_confirm nor password_reset_complete. Could you add theses ? I can make a PR later if you prefer.

    opened by logut 6
Mike Grouchy
Chief Product Officer @pagecloud, Founder at Pycoders Weekly(acquired), Python Developer.
Mike Grouchy
Notes-Django: an advanced project to save notes in Django. where users are able to Create, Read, Update and Delete their notes.

An advanced software to keep you notes. It allows users to perform CRUD operations on theirs Notes. Was implemented Authorization and Authentication

Edilson Pateguana 1 Feb 05, 2022
Yummy Django API, it's the exclusive API used for the e-yummy-ke vue web app

Yummy Django API, it's the exclusive API used for the e-yummy-ke vue web app

Am.Chris_KE 1 Feb 14, 2022
pdm-django: Django command shortcuts for PDM

pdm-django: Django command shortcuts for PDM A plugin that gives you command shortcuts for developing with PDM. pdm run python runserver -

Neutron Sync 2 Aug 11, 2022
Django API without Django REST framework.

Django API without DRF This is a API project made with Django, and without Django REST framework. This project was done with: Python 3.9.8 Django 3.2.

Regis Santos 3 Jan 19, 2022
Extensions for using Rich with Django.

django-rich Extensions for using Rich with Django. Requirements Python 3.6 to 3.10 supported. Django 2.2 to 4.0 supported. Are your tests slow? Check

Adam Johnson 88 Dec 26, 2022
Service request portal on top of Ansible Tower

Squest - A service request portal based on Ansible Tower Squest is a Web portal that allow to expose Tower based automation as a service. If you want

Hewlett Packard Enterprise 183 Jan 04, 2023
Backend with Django .

BackendCode - Cookies Documentation: By @tcotidiane33 & @yaya Models Premium class Pack(models.Model): n

just to do it 1 Jan 28, 2022
Django query profiler - one profiler to rule them all. Shows queries, detects N+1 and gives recommendations on how to resolve them

Django Query Profiler This is a query profiler for Django applications, for helping developers answer the question "My Django code/page/API is slow, H

Django Query Profiler 116 Dec 15, 2022
Utility for working with recurring dates in Django.

django-recurrence django-recurrence is a utility for working with recurring dates in Django. Documentation is available at https://django-recurrence.r

408 Jan 06, 2023
Projeto Crud Django and Mongo

Projeto-Crud_Django_and_Mongo Configuração para rodar o projeto Download Project

Samuel Fernandes Oliveira 2 Jan 24, 2022
Cached file system for online resources in Python

Minato Cache & file system for online resources in Python Features Minato enables you to: Download & cache online recsources minato supports the follo

Yasuhiro Yamaguchi 10 Jan 04, 2023
Improved Django model inheritance with automatic downcasting

Polymorphic Models for Django Django-polymorphic simplifies using inherited models in Django projects. When a query is made at the base model, the inh

1.4k Jan 03, 2023
A simple porfolio with Django, Bootstrap and Sqlite3

Django Portofolio Example this is a basic portfolio in dark mode Installation git clone cd djan

Fazt Web 16 Sep 26, 2022
A small Django app to easily broadcast an announcement across a website.

django-site-broadcasts The site broadcast application allows users to define short messages and announcements that should be displayed across a site.

Ben Lopatin 12 Jan 21, 2020
TinyMCE integration for Django

django-tinymce django-tinymce is a Django application that contains a widget to render a form field as a TinyMCE editor. Quickstart Install django-tin

Jazzband 1.1k Dec 26, 2022
Twitter Bootstrap for Django Form

Django bootstrap form Twitter Bootstrap for Django Form. A simple Django template tag to work with Bootstrap Installation Install django-bootstrap-for

tzangms 557 Oct 19, 2022
Django + Next.js integration

Django Next.js Django + Next.js integration From a comment on StackOverflow: Run 2 ports on the same server. One for django (public facing) and one fo

Quera 162 Jan 03, 2023
Exemplo de biblioteca com Django

Bookstore Exemplo de biblioteca feito com Django. Este projeto foi feito com: Python 3.9.7 Django 3.2.8 Django Rest Framework 3.12.4 Bootstrap 4.0 Vue

Regis Santos 1 Oct 28, 2021
A feature flipper for Django

README Django Waffle is (yet another) feature flipper for Django. You can define the conditions for which a flag should be active, and use it in a num

950 Dec 26, 2022
Use watchfiles in Django’s autoreloader.

django-watchfiles Use watchfiles in Django’s autoreloader. Requirements Python 3.7 to 3.10 supported. Django 2.2 to 4.0 supported. Installation Instal

Adam Johnson 43 Dec 14, 2022