News In 2017
django-allauth 0.34.0 released
Posted by Raymond Penners on 2017-10-29
Security notice The "Set Password" view did not properly check whether or not the user already had a usable password set. This allowed an attacker to set the password without providing the current password, but only in case the attacker already gained control over the victim's session.
Read moredjango-allauth 0.33.0 released
Posted by Raymond Penners on 2017-08-20
Note worthy changes Security: password reset tokens are now prevented from being leaked through the password reset URL. New providers: Patreon, Authentiq, Dataporten. Dropbox has been upgraded to API V2. New translation: Norwegian. Backwards incompatible changes Dropped support for Django 1.
Read moredjango-allauth 0.32.0 released
Posted by Raymond Penners on 2017-04-27
Note worthy changes Improved AJAX support: the account management views (change/set password, manage email addresses and social connections) now support AJAX GET requests. These views hand over all the required data for you to build your frontend application upon. New providers: Dwolla, Trello.
Read moredjango-allauth 0.31.0 released
Posted by Raymond Penners on 2017-02-28
Note worthy changes Added a new user_logged_out signal. OpenId: Added support for requesting additional data. New providers: Auth0, Box, Line, Naver, Kakao, Daum, MailChimp, Eventbrite. Backwards incompatible changes Django 1.7 / Python 3.2 compatibility has been dropped. Due to providers being registered in the same file as their definition it was impossible to subclass a provider without having the parent be registered.
Read moredjango-allauth 0.30.0 released
Posted by Raymond Penners on 2017-01-01
Note worthy changes Changed the algorithm that generates unique usernames. Previously, in case the provider did not hand over any information to base the username on, the username "user" extended with an ever increasing numeric suffix would be attempted until a free username was found.
Read more