Description of problem: Transifex won't let you sign in if your password contains special characters such as "é" or "è". Version-Release number of selected component (if applicable): the current online version How reproducible: Always Steps to Reproduce: 1. Be a member of cvsl10n 2. change your password to "kikoololé" (for example) in "My Account" tab from https://admin.fedoraproject.org/accounts/ 3. try to sign in transifex at any page from the https://translate.fedoraproject.org/ website. Actual results: The authentification fails: "Please enter a correct username and password. Note that both fields are case-sensitive." Expected results: You should get authentificated. Additional info: Only transifex is concerned by the issue, all the other services I know which use FAS authentificate me successfully. I can confirm that all is working well if I change my password to a something without special characters.
I have the suspicion that it's probably something related to the Django authbackend provided by python-fedora. Transifex just call the method defined in its settings. Toshio, what do you think?
If I remember correctly, fas doesn't support passwords with non-ASCII characters. Since transifex shares the account, this limitation would be passed on to transifex. If you can log into fas with a password with special characters we should look into whether transifex is the only app that is having problems or if these have issues as well: https://admin.fedoraproject.org/pkgdb -- if fas works, I'd expect this does as well. https://fedorahosted.org/reviewboard/account/login/?next_page=/reviewboard/dashboard/ -- this uses the same python-fedora backend as transifex but has a lot of different stuff between the python-fedora code and django.
I've tested all the services (to my poor knowledge) using FAS creditentials: - https://admin.fedoraproject.org/accounts/ - OK - https://fedoraproject.org/w/ - OK - https://admin.fedoraproject.org/pkgdb/ - KO - https://fedorahosted.org/reviewboard/account/login/?next_page=/reviewboard/dashboard/ - KO - https://translate.fedoraproject.org/ - KO So you're right, it's not a Transifex (-only) issue. If FAS doesn't support non-ASCII characters for passwords, it shouldn't mark it as "Valid" on the "My account" page... Still, in my opinion, such passwords should really be valid. It's a basic security rule to choose passwords with a large variety of characters. Limiting the choice range to 128 characters is, in my mind, a security issue. Kind regards.
hrm, the only two that don't work in your list are django based I think
> - https://admin.fedoraproject.org/pkgdb/ - KO PackageDB is listed as not working as well.
oh you're right, that word wrapped on my screen and I saw a top list and bottom list :) well that's weird, why would accounts work and pkgdb wouldn't, maybe python-fedora issue? I bet /accounts/ does some sort of local auth against fas.
I was able to do a little bit of work on this this morning -- I can replicate the issues in staging. It does not affect https://admin.stg.fedoraproject.org/accounts/ It does affect https://admin.stg.fedoraproject.org/pkgdb/ Looking at the code I haven't yet identified where the problem lies, though.
Closing this, now that we don't run transifex anymore.