django-allauth 0.59.0 released
Posted by Raymond Penners on 2023-12-13
Note worthy changes
- The MFA authenticator model now features "created at" an "last used "at" timestamps.
- The MFA authenticator model is now registered with the Django admin.
- Added MFA signals emitted when authenticators are added, removed or (in case of recovery codes) reset.
- There is now an MFA adapter method can_delete_authenticator(authenticator) available that can be used to prevent users from deactivating e.g. their TOTP authenticator.
- Added a new app, user sessions, allowing users to view a list of all their active sessions, as well as offering a means to end these sessions.
- A configurable timeout (SOCIALACCOUNT_REQUESTS_TIMEOUT) is now applied to all upstream requests.
- Added a setting ACCOUNT_EMAIL_UNKNOWN_ACCOUNTS to disable sending of emails to unknown accounts.
- You can now override the MFA forms via the MFA_FORMS setting.
Backwards incompatible changes
- The account adapter method should_send_confirmation_mail() signature changed. It now takes an extra signup (boolean) parameter.
- Removed OAuth 1.0 based Bitbucket provider and LinkedIn provider.
Next: django-allauth 0.60.0 released Previous: django-allauth 0.58.2 released