allauth.headless now supports the is_open_for_signup() adapter method.
In case signup is closed, a 403 is returned during signup.
Connecting a third-party account in HEADLESS_ONLY mode failed if the
connections view could not be reversed, fixed.
In case a headless attempt was made to connect a third-party account that was already
connected to a different account, no error was communicated to the frontend. Fixed.
When the headless provider signup endpoint was called while that flow was not pending,
a crash would occur. This has been fixed to return a 409 (conflict).
Microsoft provider: the URLs pointing to the login and graph API are now
configurable via the app settings.
0.63.1 (2024-05-17)
Note worthy changes
When only allauth.account was installed, you could run into an exception
stating "allauth.socialaccount not installed, yet its models are
imported.". This has been fixed.
When SOCIALACCOUNT_EMAIL_AUTHENTICATION was turned on, and a user would
connect a third-party account for which email authentication would kick in,
the connect was implicitly skipped. Fixed.
The recommendation from the documentation to protect the Django admin login
could cause an infinite redirect loop in case of
AUTHENTICATED_LOGIN_REDIRECTS. A decorator secure_admin_login() is now
offered out of the box to ensure that the Django admin is properly secured by
allauth (e.g. rate limits, 2FA).
Subpackages from the tests package were packaged, fixed.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps django-allauth from 0.58.2 to 0.63.2.
Changelog
Sourced from django-allauth's changelog.
... (truncated)
Commits
5d21115
chore: Release 0.63.203779ae
chore(i18n): Translations51ae70e
fix(kakao): Change deprecated properties to profile information92c1918
feat(microsoft): Configurable endpointsdba724d
docs(signals): Add note when social_account_added is called2a8ebc7
fix(headless): Provider signup called while not pending891c6fa
feat(atlassian): add user's name as account string representation6ca37d7
fix(templates): errors not renderered on individual field1c8b41f
fix(examples): Don't depend on outdated version2f0cfeb
docs(examples): README typ-oDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show