When only allauth.account was installed, you could run into an exception
stating "allauth.socialaccount not installed, yet its models are
imported.". This has been fixed.
When SOCIALACCOUNT_EMAIL_AUTHENTICATION was turned on, and a user would
connect a third-party account for which email authentication would kick in,
the connect was implicitly skipped. Fixed.
The recommendation from the documentation to protect the Django admin login
could cause an infinite redirect loop in case of
AUTHENTICATED_LOGIN_REDIRECTS. A decorator secure_admin_login() is now
offered out of the box to ensure that the Django admin is properly secured by
allauth (e.g. rate limits, 2FA).
Subpackages from the tests package were packaged, fixed.
0.63.0 (2024-05-14)
Note worthy changes
New providers: TikTok, Lichess.
Starting since version 0.62.0, new email addresses are always stored as lower
case. In this version, we take the final step and also convert existing data
to lower case, alter the database indices and perform lookups
accordingly. Migrations are in place. For rationale, see the note about email
case sensitivity in the documentation.
An official API for single-page and mobile application support is now
available, via the new allauth.headless app.
Added support for a honeypot field on the signup form. Real users do not see
the field and therefore leave it empty. When bots do fill out the field
account creation is silently skipped.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps django-allauth from 0.62.1 to 0.63.1.
Changelog
Sourced from django-allauth's changelog.
Commits
e409ac9
chore: Release 0.63.18fd365f
docs(ChangeLog): Add account-only note2021e0b
fix(socialaccount): is_existing caused repeated db queries6da7730
fix: Don't import mfa/socialaccount models when not installed7e8c262
feat(templates): add form tags for emailb1786ed
feat: secure_admin_login() decorator9731a41
fix(socialaccount): Email authentication vs connected37642
fix(setup): tests subpackages being packagedb9c1f3a
chore: Opening 0.63.1-dev0a3040f
fix(README): PyPi vs raw::htmlDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show