django-allauth 0.10.0 released

Posted by Raymond Penners on 2013-04-12

Note worthy changes

  • Chris Davis contributed Vimeo support, thanks!
  • Added support for overriding the URL to return to after connecting a social account (allauth.socialaccount.adapter.DefaultSocialAccountAdapter.get_connect_redirect_url).
  • Python 3 is now supported!
  • Dropped dependency on (unmaintained?) oauth2 package, in favor of requests-oauthlib.
  • account: Email confirmation mails generated at signup can now be differentiated from regular email confirmation mails by placing e.g. a welcome message into the account/email/email_confirmation_signup* templates. Thanks to Sam Solomon for the patch.
  • account: Moved User instance creation to adapter so that e.g. username generation can be influenced. Thanks to John Bazik for the patch.
  • Robert Balfre contributed Dropbox support, thanks!
  • socialaccount: Added support for Weibo.
  • account: Added support for sending HTML email. Add *_message.html templates and they will be automatically picked up.
  • Added support for passing along extra parameters to the OAuth2 authentication calls, such as access_type (Google) or auth_type (Facebook).
  • Both the login and signup view now immediately redirect to the login redirect url in case the user was already authenticated.
  • Added support for closing down signups in a pluggable fashion, making it easy to hookup your own invitation handling mechanism.
  • Added support for passing along extra parameters to the FB.login API call.

Backwards incompatible changes

  • Logout no longer happens on GET request. Refer to the LogoutView documentation for more background information. Logging out on GET can be restored by the setting ACCOUNT_LOGOUT_ON_GET. Furthermore, after logging out you are now redirected to ACCOUNT_LOGOUT_REDIRECT_URL instead of rendering the account/logout.html template.
  • LOGIN_REDIRECT_URLNAME is now deprecated. Django 1.5 accepts both URL names and URLs for LOGIN_REDIRECT_URL, so we do so as well.
  • DefaultAccountAdapter.stash_email_verified is now named stash_verified_email.
  • Django 1.4.3 is now the minimal requirement.
  • Dropped dependency on (unmaintained?) oauth2 package, in favor of requests-oauthlib. So you will need to update your (virtual) environment accordingly.
  • We noticed a very rare bug that affects end users who add Google social login to existing accounts. The symptom is you end up with users who have multiple primary email addresses which conflicts with assumptions made by the code. In addition to fixing the code that allowed duplicates to occur, there is a management command you can run if you think this effects you (and if it doesn't effect you there is no harm in running it anyways if you are unsure):
    • python manage.py account_unsetmultipleprimaryemails
      • Will silently remove primary flags for email addresses that aren't the same as user.email.
      • If no primary EmailAddress is user.email it will pick one at random and print a warning.
  • The expiry time, if any, is now stored in a new column SocialToken.expires_at. Migrations are in place.
  • Furthermore, Facebook started returning longer tokens, so the maximum token length was increased. Again, migrations are in place.
  • Login and signup views have been turned into class-based views.
  • The template variable facebook_perms is no longer passed to the "facebook/fbconnect.html" template. Instead, fb_login_options containing all options is passed.
Next: django-allauth 0.10.1 released Previous: django-allauth 0.9.0 released
Archives