Switch to system random as number generator instead of the
default PRNG, which is not recommended for generating
security-related values such as unique tokens.
(Complements parent commit)
Closes#7761
Commit 856bc6f2b1
may cause an issue if the auth_crypt module
is loaded before the base module. That should never
happen in normal circumstances, but forcing an
explicit import does not hurt and makes it safer.
Closes#6742
A squashed merge is required as the conversion of the apiculture branch from
bzr to git was not correctly done. The git history contains irrelevant blobs
and commits. This branch brings a lot of changes and fixes, too many to list
exhaustively.
- New orm api, objects are now used instead of ids
- Environements to encapsulates cr uid context while maintaining backward compatibility
- Field compute attribute is a new object oriented way to define function fields
- Shared browse record cache
- New onchange protocol
- Optional copy flag on fields
- Documentation update
- Dead code cleanup
- Lots of fixes
Applies to new and yet-to-be-encrypted users, existing already-encrypted will
keep logging in as usual, their password storage will be upgraded on next
password *change*.