News
django-allauth 65.8.1 released
Posted by Raymond Penners on 2025-05-21
Fixes Fixed a compatibility issue with the newly released fido2 2.0.0 package. Security notice After a successful login, the rate limits for that login were cleared, allowing a succesful login on a specific IP address to be used as a means to clear the login failed rate limit for that IP address.
Read moredjango-allauth 65.8.0 released
Posted by Raymond Penners on 2025-05-08
Note worthy changes Fixed VK (a.k.a VK ID) social account provider. Improved its documentation. Added optional support for requesting new email/phone verification codes during signup. See ACCOUNT_EMAIL_VERIFICATION_SUPPORTS_RESEND and ACCOUNT_PHONE_VERIFICATION_SUPPORTS_RESEND. Added optional support for changing your email or phone at the verification stage while signing up.
Read moredjango-allauth 65.7.0 released
Posted by Raymond Penners on 2025-04-03
Note worthy changes Officially support Django 5.2. Headless: the URL to the OpenID configuration of the provider is now exposed in the provider config. Fixes Headless: when multiple login methods were enabled (e.g. both username and email), the login endpoint would incorrectly return a 400 invalid_login.
Read moredjango-allauth 65.6.0 released
Posted by Raymond Penners on 2025-03-27
Note worthy changes MFA: Added support for "Trust this browser?" functionality, which presents users with MFA enabled the choice to trust their browser allowing them to skip authenticating per MFA on each login. Fixes A check is in place to verify that ACCOUNT_LOGIN_METHODS is aligned with ACCOUNT_SIGNUP_FIELDS.
Read moredjango-allauth 65.5.0 released
Posted by Raymond Penners on 2025-03-14
Note worthy changes Added support for phone (SMS) authentication. Added support for resetting passwords by code, instead of a link (ACCOUNT_PASSWORD_RESET_BY_CODE_ENABLED). Added support for Tumblr OAuth2. Simplified signup form configuration. The following settings all controlled signup form: ACCOUNT_EMAIL_REQUIRED, ACCOUNT_USERNAME_REQUIRED, ACCOUNT_SIGNUP_EMAIL_ENTER_TWICE, ACCOUNT_SIGNUP_PASSWORD_ENTER_TWICE.
Read more