Entries in category “Security”
Two new projects
Django and security are two of my favorite topics, and I think they go pretty well together. I’ve given a number of conference talks and tutorials on the theme of Django and security, and I’m one of the people on the receiving end of Django’s security-reporting email address. But although I spend a lot of time thinking about security, and trying to improve the state of the world through code, and occasionally ranting on various forms of social media, I don’t spend a lot of time writing about it here.
Let’s talk about usernames
A few weeks ago I released django-registration 2.4.1. The 2.4 series is the last in the django-registration 2.x line, and from here on out it’ll only get bugfixes. The
master branch is now prepping for 3.0, which will remove a lot of the deprecated cruft that’s accumulated over the past decade of maintaining it, and try to focus on best practices for modern Django applications.
I’ll write more about that sometime soon, but right now I want to spend a little bit of time talking about ...
Reminder for people who try and think it’s a bug: Persona, on this site, is for me to be able to log in and post entries. As such, you will not be able to log in to this site, since you don’t have an account and can’t create one. This isn’t a bug, it’s intended functionality — site owners can control whether accounts can be created, and by whom.
So, last week I mentioned in passing that my next project for this site would be implementing Persona for authentication. Since I ...