* User sessions: after changing your password in case of
ACCOUNT_LOGOUT_ON_PASSWORD_CHANGE = False, the list of
sessions woud be empty instead of showing your current
session.
* SAML: accessing the SLS/ACS views using a GET request would
result in a crash (500).
* SAML: the login view did not obey the
SOCIALACCOUNT_LOGIN_ON_GET = False setting.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:django/python-django-allauth?expand=0&rev=26
- update to 0.60.0:
* Google One Tap Sign-In is now supported.
* You can now more easily change the URL to redirect to after a
successful password change/set via the newly introduced
get_password_change_redirect_url() adapter method.
* You can now configure the primary key of all models by
configuring ALLAUTH_DEFAULT_AUTO_FIELD, for example to:
"hashid_field.HashidAutoField".
* You can now specify the URL path prefix that is used for all
OpenID Connect providers using
SOCIALACCOUNT_OPENID_CONNECT_URL_PREFIX. By default, it is
set to "oidc", meaning, an OpenID Connect provider with
provider ID foo uses /accounts/oidc/foo/login/ as its login
URL. Set it to empty ("") to keep the previous URL structure
(/accounts/foo/login/).
* The SAML default attribute mapping for uid has been changed
to only include urn:oasis:names:tc:SAML:attribute:subject-id.
If the SAML response does not contain that, it will fallback
to use NameID.
OBS-URL: https://build.opensuse.org/request/show/1137633
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-django-allauth?expand=0&rev=12
* Google One Tap Sign-In is now supported.
* You can now more easily change the URL to redirect to after a
successful password change/set via the newly introduced
get_password_change_redirect_url() adapter method.
* You can now configure the primary key of all models by
configuring ALLAUTH_DEFAULT_AUTO_FIELD, for example to:
"hashid_field.HashidAutoField".
* You can now specify the URL path prefix that is used for all
OpenID Connect providers using
SOCIALACCOUNT_OPENID_CONNECT_URL_PREFIX. By default, it is
set to "oidc", meaning, an OpenID Connect provider with
provider ID foo uses /accounts/oidc/foo/login/ as its login
URL. Set it to empty ("") to keep the previous URL structure
(/accounts/foo/login/).
* The SAML default attribute mapping for uid has been changed
to only include urn:oasis:names:tc:SAML:attribute:subject-id.
If the SAML response does not contain that, it will fallback
to use NameID.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:django/python-django-allauth?expand=0&rev=24
- update to 0.59.0:
* The MFA authenticator model now features "created at" an
"last used "at" timestamps.
* The MFA authenticator model is now registered with the Django
admin.
* Added MFA signals emitted when authenticators are added,
removed or (in case of recovery codes) reset.
* There is now an MFA adapter method
``can_delete_authenticator(authenticator)``
available that can be used to prevent users from deactivating
e.g. their TOTP authenticator.
* Added a new app, user sessions, allowing users to view a list
of all their active sessions, as well as offering a means to
end these sessions.
* A configurable timeout (``SOCIALACCOUNT_REQUESTS_TIMEOUT``)
is now applied to all upstream requests.
* Added a setting ``ACCOUNT_EMAIL_UNKNOWN_ACCOUNTS`` to disable
sending of emails to unknown accounts.
* You can now override the MFA forms via the ``MFA_FORMS``
setting.
OBS-URL: https://build.opensuse.org/request/show/1133055
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-django-allauth?expand=0&rev=11
* The MFA authenticator model now features "created at" an
"last used "at" timestamps.
* The MFA authenticator model is now registered with the Django
admin.
* Added MFA signals emitted when authenticators are added,
removed or (in case of recovery codes) reset.
* There is now an MFA adapter method
``can_delete_authenticator(authenticator)``
available that can be used to prevent users from deactivating
e.g. their TOTP authenticator.
* Added a new app, user sessions, allowing users to view a list
of all their active sessions, as well as offering a means to
end these sessions.
* A configurable timeout (``SOCIALACCOUNT_REQUESTS_TIMEOUT``)
is now applied to all upstream requests.
* Added a setting ``ACCOUNT_EMAIL_UNKNOWN_ACCOUNTS`` to disable
sending of emails to unknown accounts.
* You can now override the MFA forms via the ``MFA_FORMS``
setting.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:django/python-django-allauth?expand=0&rev=22
- Update to 0.39.1:
* The linkedin_oauth2 provider now gracefully deals with old V1 data that might still be present in SocialAccount.extra_data.
* New providers: JupyterHub (OAuth2), Steam (OpenID)
* Refactor translations: Portuguese (Portugal).
* Add testing for Django 2.2 (no code changes required)
* linkedin_oauth2: As the LinkedIn V1 API is deprecated, the user info endpoint has been moved over to use the API V2. The format of the user extra_data is different and the profile picture is absent by default.
OBS-URL: https://build.opensuse.org/request/show/683727
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-django-allauth?expand=0&rev=2
* The linkedin_oauth2 provider now gracefully deals with old V1 data that might still be present in SocialAccount.extra_data.
* New providers: JupyterHub (OAuth2), Steam (OpenID)
* Refactor translations: Portuguese (Portugal).
* Add testing for Django 2.2 (no code changes required)
* linkedin_oauth2: As the LinkedIn V1 API is deprecated, the user info endpoint has been moved over to use the API V2. The format of the user extra_data is different and the profile picture is absent by default.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:django/python-django-allauth?expand=0&rev=3
