django-allauth 64.1.0 released

Posted by Raymond Penners on 2024-08-15

Note worthy changes

Headless: When trying to login while a user is already logged in, you now get a 409.
Limited the maximum allowed time for a login to go through the various login stages. This limits, for example, the time span that the 2FA stage remains available. See settings.ACCOUNT_LOGIN_TIMEOUT.

Security notice

Headless: When a user was not fully logged in, for example, because (s)he was in the process of completing the 2FA process, calling logout would not wipe the session containing the partially logged in user.

Next: django-allauth 64.2.0 released Previous: django-allauth 64.0.0 released

Archives

2024 20
2023 13
2022 5
2021 3
2020 3
2019 4
2018 5
2017 5
2016 8
2015 8
2014 4
2013 11
2012 9