* A user's password can be verified by POSTing to .../user/<id>/login. The

   data must contain a single parameter `cleartext_password` and if this
   matches, a 204 (No Content) will be returned, otherwise a 403 (Forbidden)
   is returned.  (LP: #1065447)

Also:
 * Clean up the users.rst REST page so that it reads as better documentation.
   Move some tests into the unittests.
 * Fix (with a new test), the handling of ExistingAddressError when creating
   new users via REST.
 * Fix (with a new test), the crashing when .../users/<id>/addresses is
   referenced on a non-existing user.
 * Add hex_md5 as a deprecated passlib hash scheme for the test suite.  This
   allows us to test hash migration by creating an initial has as hex_md5
   (another crappy hash), and watching verified passwords get migrated to
   roundup_plaintext (and even crappier hash ;).

0 files changed, 0 insertions, 0 deletions