News In 2016
django-allauth 0.29.0 released
Posted by Raymond Penners on 2016-11-21
Note worthy changes Addressed Django 1.10 deprecation warnings.
django-allauth 0.28.0 released
Posted by Raymond Penners on 2016-10-13
Security notice Previous versions contained a vulnerability allowing an attacker to alter the provider specific settings for SCOPE and/or AUTH_PARAMS (part of the larger SOCIALACCOUNT_PROVIDERS setting). The changes would persist across subsequent requests for all users, provided these settings were explicitly set within your project.
Read moredjango-allauth 0.27.0 released
Posted by Raymond Penners on 2016-08-18
Note worthy changes Django 1.10 compatibility. The Twitter and GitHub providers now support querying of the email address. Backwards incompatible changes When ACCOUNT_SIGNUP_EMAIL_ENTER_TWICE was turned on, the email field key changed from email to email1, which could introduce subtle bugs.
Read moredjango-allauth 0.26.1 released
Posted by Raymond Penners on 2016-07-25
Note worthy changes Locale files wrongly packaged, fixed. Fixed bug (KeyError) when ACCOUNT_SIGNUP_EMAIL_ENTER_TWICE was set to True.
django-allauth 0.26.0 released
Posted by Raymond Penners on 2016-07-24
Note worthy changes New providers: Weixin, Battle.net, Asana, Eve Online, 23andMe, Slack Django's password validation mechanism (see AUTH_PASSWORD_VALIDATORS) is now used to validate passwords. By default, email confirmations are no longer stored in the database. Instead, the email confirmation mail contains an HMAC based key identifying the email address to confirm.
Read more