Modify the existing login api in a way that
it will allow the user to login via username as well.
currently it is only allowing email to log the user in.
VAN-445
Exposed the Date header on the outline api so clients can accurately compute times relative to the dates returned by the API; this was previously done with the course API (#26979)
Browser time is notoriously unreliable for this, especially for a Learner-facing countdown call-to-action based on the access expiration date. (REV-2126)
Using the Date header for this allows the client to make use of information that is already sent, does not require additional calls nor modifying the API, and could be generalized to more or all our APIs without modifying them.
This change associates users signing in using oauth providers when tpa is required, verifying that only a single database user is associated with the email.
For more information as to why this was added in a separate pipeline, check edx-platform#25935.
A variety of updates were made to improve the toggle documentation:
* Added comments to help ensure that the waffle(), waffle_switches(),
waffle_flags() anti-pattern won't be contagious (copied).
* Some minor toggle_description updates.
* Removed empty toggle_target_removal_date annotations for
non-temporary toggles.
* Removed empty optional toggle_warnings annotations.
* Removed empty optional toggle_tickets annotations.
* Removed deprecated toggle_category, toggle_status,
and toggle_expiration_date annotations.
* Fixed some indents, use cases, and implementations.
ARCHBOM-1721
Someone at edx was able to quickly send a few texts to himself using the tool.
Each text came from a different number and there was no message about the ability to unsubscribe or stop.
This could potentially be used to spam users as well as potentially result in charges to edX for high volume.
page url https://courses.edx.org/text-me-the-app
LEARNER-8286
The function under test by the StrftimeLocalizedHtmlTest checks the
timezone in the user preferences of the user making the request. If we
don't explicitly set a request here, it will simply use the last Request
that `crum` cached in the thread local cache. This broke now
that we sometimes set the crum request.user to an invalid user in other
tests.
This change ensures that we have a valid request for these tests as a
part of the setup of this test class.
Since we are handling the MFE redirection in login_and_registration_form()
we don't need to handle it here. It's redirecting the enterprise users to
MFE instead of FE which is currently handled in login_and_registration_form()
view.
VAN-425
