Dirk Mueller
cf99206350
* See https://github.com/pennersr/django-allauth/blob/0.63.3/ChangeLog.rst or the packaged ChangeLog.rst file. - Updated missing-template-in-test.patch OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:django/python-django-allauth?expand=0&rev=28
199 lines
8.8 KiB
Plaintext
199 lines
8.8 KiB
Plaintext
-------------------------------------------------------------------
|
|
Sun Jun 23 08:14:08 UTC 2024 - Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
- Update to version 0.63.3
|
|
* See https://github.com/pennersr/django-allauth/blob/0.63.3/ChangeLog.rst
|
|
or the packaged ChangeLog.rst file.
|
|
- Updated missing-template-in-test.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Jan 20 13:06:42 UTC 2024 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- update to 0.60.1:
|
|
* User sessions: after changing your password in case of
|
|
ACCOUNT_LOGOUT_ON_PASSWORD_CHANGE = False, the list of
|
|
sessions woud be empty instead of showing your current
|
|
session.
|
|
* SAML: accessing the SLS/ACS views using a GET request would
|
|
result in a crash (500).
|
|
* SAML: the login view did not obey the
|
|
SOCIALACCOUNT_LOGIN_ON_GET = False setting.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jan 8 20:43:34 UTC 2024 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- update to 0.60.0:
|
|
* Google One Tap Sign-In is now supported.
|
|
* You can now more easily change the URL to redirect to after a
|
|
successful password change/set via the newly introduced
|
|
get_password_change_redirect_url() adapter method.
|
|
* You can now configure the primary key of all models by
|
|
configuring ALLAUTH_DEFAULT_AUTO_FIELD, for example to:
|
|
"hashid_field.HashidAutoField".
|
|
* You can now specify the URL path prefix that is used for all
|
|
OpenID Connect providers using
|
|
SOCIALACCOUNT_OPENID_CONNECT_URL_PREFIX. By default, it is
|
|
set to "oidc", meaning, an OpenID Connect provider with
|
|
provider ID foo uses /accounts/oidc/foo/login/ as its login
|
|
URL. Set it to empty ("") to keep the previous URL structure
|
|
(/accounts/foo/login/).
|
|
* The SAML default attribute mapping for uid has been changed
|
|
to only include urn:oasis:names:tc:SAML:attribute:subject-id.
|
|
If the SAML response does not contain that, it will fallback
|
|
to use NameID.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Dec 14 10:22:34 UTC 2023 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- update to 0.59.0:
|
|
* The MFA authenticator model now features "created at" an
|
|
"last used "at" timestamps.
|
|
* The MFA authenticator model is now registered with the Django
|
|
admin.
|
|
* Added MFA signals emitted when authenticators are added,
|
|
removed or (in case of recovery codes) reset.
|
|
* There is now an MFA adapter method
|
|
``can_delete_authenticator(authenticator)``
|
|
available that can be used to prevent users from deactivating
|
|
e.g. their TOTP authenticator.
|
|
* Added a new app, user sessions, allowing users to view a list
|
|
of all their active sessions, as well as offering a means to
|
|
end these sessions.
|
|
* A configurable timeout (``SOCIALACCOUNT_REQUESTS_TIMEOUT``)
|
|
is now applied to all upstream requests.
|
|
* Added a setting ``ACCOUNT_EMAIL_UNKNOWN_ACCOUNTS`` to disable
|
|
sending of emails to unknown accounts.
|
|
* You can now override the MFA forms via the ``MFA_FORMS``
|
|
setting.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Nov 10 12:03:37 UTC 2023 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- update to 0.58.2:
|
|
* Added rate limiting to the MFA login form.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Nov 6 00:48:51 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
- make it easier to notice to keep buildrequires and runtime
|
|
requires version limits in sync. This will also help us to notice
|
|
early when the version of other libraries do not match the
|
|
requires encoded in the source code.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Nov 2 07:54:22 UTC 2023 - Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
- Update to v0.58.1
|
|
* See https://github.com/pennersr/django-allauth/blob/0.58.1/ChangeLog.rst
|
|
or the ChangeLog.rst included in this package
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Jul 29 00:48:53 UTC 2023 - Georg Pfuetzenreuter <georg.pfuetzenreuter@suse.com>
|
|
|
|
- Update to v0.54.0
|
|
* skips multiple versions, reference
|
|
https://github.com/pennersr/django-allauth/commits/0.54.0
|
|
- Patch out test which cannot run without template files (missing-template-in-test.patch)
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Jun 25 08:25:56 UTC 2023 - Andreas Schneider <asn@cryptomilk.org>
|
|
|
|
- Use sle15_python_module_pythons
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Dec 24 23:57:39 UTC 2021 - John Vandenberg <jayvdb@gmail.com>
|
|
|
|
- Update to v0.47.0
|
|
* Better compatibility with Django 4.0
|
|
* New providers: Gumroad.
|
|
* Added a new setting SOCIALACCOUNT_LOGIN_ON_GET that controls
|
|
whether or not the endpoints for initiating a social login
|
|
(for example, "/accounts/google/login/") require a POST request
|
|
to initiate the handshake. As requiring a POST is more secure,
|
|
the default of this new setting is False.
|
|
- from v0.46.0
|
|
* New providers: Gitea, MediaWiki.
|
|
* New translations: Georgian, Mongolian.
|
|
* Django 3.2 compatibility.
|
|
- from v0.45.0
|
|
* New providers: Feishu, NetIQ, Frontier, CILogin.
|
|
- from v0.44.0
|
|
* In previous versions, the mechanism to prevent too many failed login
|
|
attempts (ACCOUNT_LOGIN_ATTEMPTS_LIMIT) could be bypassed by
|
|
changing the casing of the login.
|
|
* The certificate key part of the SOCIALACCOUNT_PROVIDERS
|
|
configuration has been renamed to certificate_key. This is done
|
|
to prevent the key from being displayed without being masked
|
|
in Django debug pages.
|
|
* Better compatibility with Django 3.2
|
|
- from v0.43.0
|
|
* New translation: Slovenian.
|
|
* If ACCOUNT_LOGIN_ATTEMPTS_LIMIT is set and the user successfully
|
|
resets their password, the timeout is cleared to allow immediate
|
|
login.
|
|
* You can now limit the amount of email addresses a user can
|
|
associate to his account by setting ACCOUNT_MAX_EMAIL_ADDRESSES.
|
|
* New providers: Apple, Okta, Stocktwits, Zoho, Zoom.
|
|
* If email verification is set to mandatory, the email address you use
|
|
to login with must now be verified as well.
|
|
In previous versions, it was sufficient if the account had at least
|
|
one verified email address, not necessarily the one used to login with.
|
|
* Added a new setting: ACCOUNT_SIGNUP_REDIRECT_URL -- the URL
|
|
(or URL name) to redirect to directly after signing up.
|
|
* In previous versions, the allauth app included a base.html template.
|
|
This template could conflict with an equally named template at project
|
|
level. Therefore, base.html has now been moved to account/base.html
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jun 9 10:00:44 UTC 2020 - Ondřej Súkup <mimi.vx@gmail.com>
|
|
|
|
- Update to 0.42.0
|
|
* New providers: EDX, Yandex, Mixer.
|
|
* Fixed Twitch get_avatar_url()
|
|
* The Facebook API version now defaults to v7.0.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jan 7 09:59:46 UTC 2020 - Tomáš Chvátal <tchvatal@suse.com>
|
|
|
|
- Update to 0.41.0:
|
|
* Fixes CVE-2019-19844: Potential account hijack via password
|
|
reset form bsc#1159447
|
|
* Dropped Python 2 and Django 1 compatibility.
|
|
- Do not bother with the lang subpkg as it is needed to have languages
|
|
to be present always anyway
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 16 10:06:12 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com>
|
|
|
|
- Update to 0.40.0:
|
|
* The instagram provider now extracts the user's full name.
|
|
* New provider: NextCloud (OAuth2)
|
|
* Added an SDK_URL setting for customizing the loading of the Facebook JavaScript SDK.
|
|
* Updated Twitch provider to use new authentication endpoints (https://id.twitch.tv) over deprecated v5 endpoints (https://api.twitch.tv/kraken)
|
|
* Added support for Patreon API v2, with API v1 set as default for backwards compatibility.
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Sep 14 03:39:42 UTC 2019 - John Vandenberg <jayvdb@gmail.com>
|
|
|
|
- Use %ifpython2/3 to allow building only one flavour
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Mar 11 08:41:15 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com>
|
|
|
|
- Update to 0.39.1:
|
|
* The linkedin_oauth2 provider now gracefully deals with old V1 data that might still be present in SocialAccount.extra_data.
|
|
* New providers: JupyterHub (OAuth2), Steam (OpenID)
|
|
* Refactor translations: Portuguese (Portugal).
|
|
* Add testing for Django 2.2 (no code changes required)
|
|
* linkedin_oauth2: As the LinkedIn V1 API is deprecated, the user info endpoint has been moved over to use the API V2. The format of the user extra_data is different and the profile picture is absent by default.
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Feb 17 07:59:01 UTC 2019 - John Vandenberg <jayvdb@gmail.com>
|
|
|
|
- Skip five failing tests
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Feb 16 09:45:04 UTC 2019 - John Vandenberg <jayvdb@gmail.com>
|
|
|
|
- Initial spec for v0.38.0
|