El sábado, 19 de julio de 2014 02:17:24 UTC+2, Russell Keith-Magee escribió: > > > On Fri, Jul 18, 2014 at 8:31 PM, Santiago L <santiag...@gmail.com > <javascript:>> wrote: > >> Hi, >> >> Some weeks ago I noticed that django-registration is not longer >> maintained by >> its creator: >> >> quoting https://bitbucket.org/ubernostrum/django-registration/wiki/Home >> > django-registration >> > I stepped down as maintainer of this application in September 2013. Pull >> > requests, issues and comments sent to this repository will be ignored. >> >> >> As I'm currently using this app in my project, I wonder if there is any >> alternative for django-registration? Maybe someone knows about a fork. >> > > I'm not aware of an active fork. If you're looking to step into open > source contribution, this would be a good project to adopt - the code base > is stable, so the management overhead should be relatively low. >
I like the idea about contributing and get in charge of a fork, but I'm not sure about my availability... > > >> Besides that, I found a related issue report (rejected because is not the >> good >> place to ask this question, but relevant anyway)[2] >> >> [2] https://code.djangoproject.com/ticket/13164 >> >> Because there's no single answer to the question. > > Authentication is a topic that is hard to get right, and there's a very > limited number of "right" answers. Passwords *must* be done well, or you > risk vulnerability, and what constitutes "well" requires considerable > expertise. > > However, the requirements for registration and signup will vary between > projects, and will depend on project requirements. Some projects will need > a fully verified personal profile before you can continue; some only > require a verified email address; some will allow an email address, but > allow later verification, and some will require completely anonymous > profiles that are filled in at a critical point in workflow (e.g., at > checkout in an e-commerce site). > > There's also nothing especially technically complex about these workflows > - unlike Authentication, there aren't any real land mines that could lead > to vulnerabilities (beyond those that are inherent in building *any* web > page). > > So, the Django project has made the decision to keep Authentication as a > core piece of functionality, but keep registration as a third-party thing. > This means that the wider community can contribute alternate approaches. It > also means that the core team isn't a bottleneck on progress - > django-regsistration has it's own release cycles, bug tracking processes, > and so on. > > This arrangement has worked well for 8 years; it's only because James has > stepped down and nobody has volunteered to take over that a problem now > exists. > > Thanks for your explanation!! -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at http://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/a8450ee8-96a0-4a1e-9071-2740544e5533%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
